LinuxQuestions.org - Network Bridge Setup Issue

Hello Everyone!

I'm running Suse 10.0, and am trying to setup a VPN and need to bridge my eth0 interface on my local LAN to a tap0 interface for the VPN. I have installed the bridge-utils package in order to do this, and am running the following script in order to setup the bridge:

Code:

# Define Bridge Interface

br="br0"



# Define list of TAP interfaces to be bridged,

# for example tap="tap0 tap1 tap2".

tap="tap0"



# Define physical ethernet interface to be bridged

# with TAP interface(s) above.

eth="eth0"

eth_ip="192.168.1.110"

eth_netmask="255.255.255.128"

eth_broadcast="192.168.1.127"



for t in $tap; do

        openvpn --mktun --dev $t

done



brctl addbr $br

brctl addif $br $eth



for t in $tap; do

        brctl addif $br $t

done



for t in $tap; do

        ifconfig $t 0.0.0.0 promisc up

done



ifconfig $eth 0.0.0.0 promisc up



ifconfig $br $eth_ip netmask $eth_netmask broadcast $eth_broadcast

Here's a before and after shot of my ifconfig:

Code:

Before:

eth0          Link encap:Ethernet  HWaddr 00:13:D4:6C:F7:9A  

                  inet addr:192.168.1.110  Bcast:192.168.1.127  Mask:255.255.255.128

                  inet6 addr: fe80::213:d4ff:fe6c:f79a/64 Scope:Link

                  UP BROADCAST NOTRAILERS RUNNING PROMISC MULTICAST  MTU:1500  Metric:1

                  RX packets:141228 errors:0 dropped:0 overruns:0 frame:0

                  TX packets:256980 errors:0 dropped:0 overruns:0 carrier:0

                  collisions:0 txqueuelen:1000 

                  RX bytes:15545992 (14.8 Mb)  TX bytes:31405601 (29.9 Mb)

                  Interrupt:193 



lo                Link encap:Local Loopback  

                  inet addr:127.0.0.1  Mask:255.0.0.0

                  inet6 addr: ::1/128 Scope:Host

                  UP LOOPBACK RUNNING  MTU:16436  Metric:1

                  RX packets:397614 errors:0 dropped:0 overruns:0 frame:0

                  TX packets:397614 errors:0 dropped:0 overruns:0 carrier:0

                  collisions:0 txqueuelen:0 

                  RX bytes:31398802 (29.9 Mb)  TX bytes:31398802 (29.9 Mb)



After:

br0          Link encap:Ethernet  HWaddr 00:13:D4:6C:F7:9A  

                  inet addr:192.168.1.110  Bcast:192.168.1.127  Mask:255.255.255.128

                  inet6 addr: fe80::213:d4ff:fe6c:f79a/64 Scope:Link

                  UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

                  RX packets:224 errors:0 dropped:0 overruns:0 frame:0

                  TX packets:428 errors:0 dropped:0 overruns:0 carrier:0

                  collisions:0 txqueuelen:0 

                  RX bytes:21254 (20.7 Kb)  TX bytes:69896 (68.2 Kb)



eth0          Link encap:Ethernet  HWaddr 00:13:D4:6C:F7:9A  

                  inet6 addr: fe80::213:d4ff:fe6c:f79a/64 Scope:Link

                  UP BROADCAST NOTRAILERS RUNNING PROMISC MULTICAST  MTU:1500  Metric:1

                  RX packets:142462 errors:0 dropped:0 overruns:0 frame:0

                  TX packets:259029 errors:0 dropped:0 overruns:0 carrier:0

                  collisions:0 txqueuelen:1000 

                  RX bytes:15677159 (14.9 Mb)  TX bytes:31676506 (30.2 Mb)

                  Interrupt:193 



lo                Link encap:Local Loopback  

                  inet addr:127.0.0.1  Mask:255.0.0.0

                  inet6 addr: ::1/128 Scope:Host

                  UP LOOPBACK RUNNING  MTU:16436  Metric:1

                  RX packets:400928 errors:0 dropped:0 overruns:0 frame:0

                  TX packets:400928 errors:0 dropped:0 overruns:0 carrier:0

                  collisions:0 txqueuelen:0 

                  RX bytes:31687345 (30.2 Mb)  TX bytes:31687345 (30.2 Mb)



tap0          Link encap:Ethernet  HWaddr 16:DE:9C:29:45:72  

                  inet6 addr: fe80::14de:9cff:fe29:4572/64 Scope:Link

                  UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1

                  RX packets:0 errors:0 dropped:0 overruns:0 frame:0

                  TX packets:0 errors:0 dropped:8 overruns:0 carrier:0

                  collisions:0 txqueuelen:0 

                  RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

For some reason, I can easily access other PC's on my internal 192.168.1.1 network and on the internet before the bridge, but then after I can only reach internal LAN PC's, and not resolve ANY external addresses. My new routing table looks like this:

Code:

Kernel IP routing table

Destination        Gateway                Genmask                Flags Metric Ref        Use Iface

192.168.1.0        *                          255.255.255.128 U        0          0                0 br0

192.168.1.0        *                          255.255.255.128 U        0          0                0 eth0

link-local          *                          255.255.0.0        U        0          0                0 eth0

loopback                *                          255.0.0.0          U        0          0                0 lo

default                192.168.1.1        0.0.0.0                UG        0          0                0 eth0

Or sometimes like this (seems kinda hokey):

Code:

Kernel IP routing table

Destination        Gateway                Genmask                Flags Metric Ref        Use Iface

192.168.1.0        *                          255.255.255.128 U        0          0                0 br0

loopback                *                          255.0.0.0          U        0          0                0 lo

Is there some known bug for this? Am I doing anything blatantly wrong and just can't see it? I think I've got the commands in the correct order, but have no idea why I see the two different route tables from time to time. I've tried disabling my firewall completely, and messing around with the router setting as well.

Any help would be greatly appreciated. Thanks!