有關bsd用來當bridge的問題 - BBS

※ 引述《[email protected] (OuTian ~)》之銘言：
: ※ 引述《[email protected] (koach)》之銘言：
: > 目前的做法是將BSD的兩塊網卡跨在router和lan之間以做流量監控
: > 一切都是Ok，但就是會一直出現
: > Dec 9 14:48:15 netctl /kernel: -- loop (0) 00.c0.9f.04.03.11 to fxp1 from fxp0
: > 之類的訊息..
: > 上google找，好像有人也遇過(但很少人)，但找不到答案.. :(
: 我這邊用起來並不會有什麼問題 ...
: > 我的網路架構是
: > route <-> (fxp0)bridge(fxp1)<-> LAN
: > a.b.c.d e.f.g.h
: > 大致上兩台出現的訊息是說
: > route這台 : e.f.g.h的MAC改變了(在fxp0和fxp1間變來變去)
: > bridge這台　：　a.b.c.d 從 (fxp0這邊變成fxp1)或反之(fxp1變成fxp0)
: e.f.g.h 是設在哪個 interface ??
: and bridge 那台的
: netstat -rn
: sysctl -a | grep bridge
: 訊息 ?


[fxp1]Router[fxp0] <-> [fxp0]Bridge[fxp1] <-> LAN


Router的/var/log/message摘要
Dec 10 09:33:41 Router /kernel: arp: my_bridge_ip moved from 00:90:27:a0:d7:e1 to 00:d0:b7:90:13:a8 on fxp0
Dec 10 09:56:41 Router /kernel: arp: my_bridge_ip moved from 00:d0:b7:90:13:a8 to 00:90:27:a0:d7:e1 on fxp0
Dec 10 10:15:23 Router /kernel: arp: my_bridge_ip moved from 00:90:27:a0:d7:e1 to 00:d0:b7:90:13:a8 on fxp0
Dec 10 10:22:54 Router /kernel: arp: my_bridge_ip moved from 00:d0:b7:90:13:a8 to 00:90:27:a0:d7:e1 on fxp0
Dec 10 10:44:01 Router /kernel: arp: my_bridge_ip moved from 00:90:27:a0:d7:e1 to 00:d0:b7:90:13:a8 on fxp0
Dec 10 10:55:14 Router /kernel: arp: my_bridge_ip moved from 00:d0:b7:90:13:a8 to 00:90:27:a0:d7:e1 on fxp0

Router的ifconfig摘要
fxp0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500


Bridge的/var/log/message摘要
Dec 10 20:37:59 Bridge /kernel: -- loop (0) 00.c0.9f.04.03.11 to fxp1 from fxp0 (active)
Dec 10 20:37:59 Bridge /kernel: -- loop (1) 00.c0.9f.04.03.11 to fxp0 from fxp1 (active)
Dec 10 20:38:02 Bridge /kernel: -- loop (0) 00.c0.9f.04.03.11 to fxp1 from fxp0 (active)
Dec 10 20:38:03 Bridge /kernel: -- loop (1) 00.c0.9f.04.03.11 to fxp0 from fxp1 (active)
Dec 10 21:50:14 Bridge /kernel: -- loop (0) 00.c0.9f.04.03.11 to fxp1 from fxp0 (active)
Dec 10 21:50:14 Bridge /kernel: -- loop (1) 00.c0.9f.04.03.11 to fxp0 from fxp1 (active)
Dec 10 21:50:17 Bridge /kernel: -- loop (2) 00.c0.9f.04.03.11 to fxp1 from fxp0 (active)
Dec 10 21:50:17 Bridge /kernel: -- loop (3) 00.c0.9f.04.03.11 to fxp0 from fxp1 (active)
Dec 10 22:01:48 Bridge /kernel: -- loop (0) 00.c0.9f.04.03.11 to fxp1 from fxp0 (active)
Dec 10 22:01:48 Bridge /kernel: -- loop (1) 00.c0.9f.04.03.11 to fxp0 from fxp1 (active)

Bridge的ifconfig摘要
fxp0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
fxp1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500



註1：00.c0.9f.04.03.11是我router的fxp0的MAC
註2：00:90:27:a0:d7:e1 和 00:d0:b7:90:13:a8 分別是我Bridge兩張卡的MAC
註3：我的Bridge的rc.conf設定是 ifconfig_fxp0="inet 163.32.58.2 netmask 255.255.255.0"
　　　而fxp1沒設（Bridge應該是只設一張卡的ifconfig就可以了沒錯吧..!)
　　　我也反過來設，結果也是一樣
註4： Router 上跑的 dhcpd 是設在 fxp0上跑
ddns-update-style none;
ddns-updates off;
default-lease-time 7200;
option domain-name "aa.bb.edu.tw";
option domain-name-servers 163.xx.yy.1;
option routers 163.xx.yy.254;

subnet 163.xx.yy.0 netmask 255.255.255.0{
range 163.xx.yy.128 163.xx.yy.223;
}
跑dhcpd後的訊息如下
Listening on BPF/fxp0/00:c0:9f:04:03:11/163.32.58.0/24
Sending on BPF/fxp0/00:c0:9f:04:03:11/163.32.58.0/24
Sending on Socket/fallback/fallback-net
dhcpd運作已久，目前還沒出現什麼問題過


好玩的是
當我今早在bridge下
arp -S my_bridge_ip 00:d0:b7:90:13:a8
（我的目的是要bridge將自己的mac和ip對照記著)
結果
我router的主機就不再有上述的訊息了，但Bridge的訊息仍一直持續

bridge的sysctl -a|grep bridge結果是
net.link.ether.bridge_cfg: fxp0,fxp1
net.link.ether.bridge: 1
net.link.ether.bridge_ipfw: 1
net.link.ether.bridge_ipf: 0
net.link.ether.bridge_ipfw_drop: 0
net.link.ether.bridge_ipfw_collisions: 0

netstat -rn大致是
163.xx.yy.1 00:c0:9f:04:03:11 UHLW 0 5714 fxp0 1199
163.xx.yy.2 00:d0:b7:90:13:a8 UHLS 0 0 lo0
其中.1是我的router, .2是我的bridge

--