[SOLVED] transparent bridge between wan dmz in slackware

opensys · 09-23-2011, 03:22 PM

Hello folks,

I have configure a transparent bridge like this:

brctl addbr br0
brctl stp br0 off
brctl addif br0 eth0
brctl addif br0 eth1
ifconfig eth0 0.0.0.0 promisc up
ifconfig eth1 0.0.0.0 promisc up
ifconfig br0 213.46.56.194 netmask 255.255.255.192 broadcast 94.46.224.255 up
ifconfig br0 up

this bridge works fine but i have ping packets lost.... in 100 pings i have 20 pings lost in some times.
I tested the interface without the bridge, and works fine with no packet lost.
i have also in dmesg "br0: received packet on eth1 with own address as source address"
The eth0 and the br0 interfaces have the same mac address, this is right ?

A simple diagram example of what im doing:

Internet ---- router ( 62.3.3.25 ) --
-- bridge (62.3.3.26 gw 62.3.3.25 / 192.168.0.1)
|
|
|---- WWW Server (62.3.3.27 gw 62.3.3.25)
|
|---- FTP Server (62.3.3.28 gw 62.3.3.25)
|
LAN --- Zipowz (192.168.0.2 gw 192.168.0.1)

Can anyone help me ?

mRgOBLIN · 09-23-2011, 10:15 PM

Why set the promisc on the interfaces?

I wrote a script to start my bridge that you can adapt to your own needs

Code:

#!/bin/sh
$GATEWAY_IP=192.168.1.1

start() {
        echo -n "Setting up Bridging. "
        ifconfig eth0 0.0.0.0
        ifconfig eth1 0.0.0.0
        brctl addbr br0
        brctl addif br0 eth0
        brctl addif br0 eth1
        ifconfig br0 192.168.1.2 netmask 255.255.255.0
        route add default gw $GATEWAY_IP dev br0
    for dot in $(seq 8); do
        echo -n "."
        ping -c1 $GATEWAY_IP &>/dev/null
        exstat=$?
        if [ ${exstat} -eq 0 ]; then
                break
        fi
    done

if [ ${exstat} -eq 0 ]; then
        echo " Success!"
else
        echo " Failed to create bridge!"
fi
}

stop() {
        route del default gw $GATEWAY_IP
        ifconfig br0 down
        brctl delbr br0
}

case "$1" in
        'stop')
        stop
        ;;
        'start')
        start
        ;;
        'restart')
        stop
        start
        ;;
        *)
        echo "usage rc.bridge: start|stop|restart"
esac

opensys · 09-24-2011, 08:42 AM

Thank you mRgOBLIN for the script, my rules is fine.
The promisc on is just for debug.

I found the problem after allots os time speed with this... the problem is the fu*king network interfaces...
Intel Corporation 82576 Gigabit Network- The new intel driver support the VMDQ channels and was activated.
I disable it, and no more packets loss

But when i configure the rules, other problem appears.. a fatal kernel panic relational with icmp_send() and more functions on kernel 2.6.37.6.
This appends when a make a ping from the dmz, so i decide to upgrade to kernel to 2.6.38.4, when no more problems at the moment.

Thank you all to me

mRgOBLIN · 09-24-2011, 06:11 PM

Good to see you got it sorted.

Might be a nice idea to mark the thread as "SOLVED" with the "Thread Tools" menu at the top of the post.