[Bridge] IP address on physcial interface instead of bridge interface?

Bart De Schuymer bdschuym at pandora.be
Mon Mar 29 01:51:26 PDT 2010


Joakim Tjernlund wrote:
> Bart De Schuymer <bdschuym at pandora.be> wrote on 2010/03/29 09:46:47:
>> Joakim Tjernlund wrote:
>>> Joakim Tjernlund/Transmode wrote on 2010/03/28 21:04:11:
>>>> Joakim Tjernlund/Transmode wrote on 2010/03/28 20:27:10:
>>>>> Bart De Schuymer <bdschuym at pandora.be> wrote on 2010/03/28 14:48:52:
>>>>>> Stephen Hemminger schreef:
>>>>>>> If you read the network receive code path in the kernel, you
>>>>>>> will see that there is a special hook used. Basically,
>>>>>>>
>>>>>>>   if received_interface_is_part_of_bridge(incoming_interface)
>>>>>>>   then process_bridged_packet(packet)
>>>>>>>
>>>>>>> Then bridge looks at packet and decides whether it is local or forwarded.
>>>>>>> The problem is with your application if it wants to use eth0 directly.
>>>>>>>
>>>>>>>
>>>>>> The ebtables brouting chain was designed to enable you to do this.
>>>>> Can you give me an example?
>>>> Found this on the net:
>>>> ebtables -t broute -A BROUTING -p 0800  -i eth1 --ip-dst 192.168.1.16 -j DROP
>>>> ebtables -t broute -A BROUTING -p 0806  -i eth1 -d 00:06:9C:00:B2:FB -j DROP
>>>> ebtables -t broute -A BROUTING -p 0806  -i eth1 --arp-ip-dst 192.168.1.16 -j DROP
>>>>
>>>> 192.168.1.16 and 00:06:9C:00:B2:FB are the IP and MAC addresses of eth1.
>>>>
>>>> Then add eth1 to the bridge and it appears to be working as I want.
>>>> Are there any "gotcha's" with this method?
>>> What about other protocols such as pppoe and OSPF, will these work over eth1 too?
>>> Are outgoing pkgs from the host bridged or just sent out over eth1?
>>>
>>>     Jocke
>> The ebtables rules in the brouting chain see all traffic arriving on the
>> bridge port (currently unless the port is in learning state). So as long
>> as your setup is correct it should work with pppoe and OSPF too.
> 
> Ah good. So the outgoing traffic will go out over the bridge port too and
> thereby be bridged?

If you want the ingoing traffic to go through eth1 I assume you want the
accompanying outgoing traffic to go through eth1 too. Your routing table
should be routing 192.168.1.0/24 to eth1. If this is not how you want it
to work, please explain.

> Still I wonder about OSPF. This protocol sends pks to multicast IP address
> 224.0.0.5/6 so how are these picked up by the broute rule?
> 
> How is pppoe picked up by the broute rule? The ethertype is different from ipv4
> so I don't understand how it manages to do that.
> 

You'll need additional ebtables rules.


-- 
Bart De Schuymer
www.artinalgorithms.be


More information about the Bridge mailing list