[olug] gnu/linux 2.4 bridging problems

Brian Wiese bwiese at cotse.com
Tue Dec 10 15:39:24 UTC 2002 

Does anyone happen to have any experience with bridging in linux 2.4.19
specifically?  =)

A lot of the docs out there are for kernel 2.2 and even older stuff, but I
think I've got everything working.... and sometimes it does, but then it
just 'stops'.  Maybe it's some buggy bridging code or maybe someone has
experienced this before and has a 'gotcha' idea?

I've been using these to sources for most of my info:
http://www.linuxsecurity.com/docs/harden-doc/html/securing-debian-howto/ap-bridge-fw.en.html
http://www.linuxgazette.com/issue76/whitmarsh.html

Before trying to work with 2 different subnets, I'm just working with the
one: 192.168.200.0/24 ...

   obsd        5pt dlinks        debian           windoze xp  =(
[gw/dhcp]---[switch]--[switch]--[bridge]------[laptop via Xover in eth1]
.200.1                    eth0=eth1=0.0.0.0      eth0=.200.111
                            br0=.200.222

I do on the [bridge]:
# brctl addbr br0
# brctl addif br0 eth0
# brctl addif br0 eth1
# ifconfig eth0 0.0.0.0
# ifconfig eth1 0.0.0.0
# ifconfig br0 192.168.200.222 netmask 255.255.255.0 broadcast
192.168.200.255
# route add default gw 192.168.200.1

now what's odd...

[from laptop] is many times I was able to get a DHCP lease from my
gateway/dhcp server 192.168.200.1 (through the bridge, I could even see
this work on a tcpdump), and in 'some' cases I was able to ping my
dhcp/gw, and the network beyond that (a 10.0.0.0/24), but I could not
resolve any DNS domain names, nor was I able to ping any of my DNS servers
(cox: 66.37.238.26, 66.37.237.5)
Same goes for signing things statically on the laptop.
It can always ping the br0 or eth1 interface if they are set up with an IP.

[from the bridge] it seems to be working alright, it's running Debian
(testing/unstable - my mistake, but I wanted the latest snort and such,
and think it got outta control even though I told /etc/apt/apt.conf my
default relese should be "stable") and doing apt-get just fine out to the
Internet.  Does anyone know of any other tools I can use to troubleshoot
this?

# brctl show
bridge name   bridge id           STP enabled   interfaces
br0           8000.00104b0dc7cb   yes           eth0 eth1

# netstat -r
Destination     Gateway       Genmask        Flags  MSS Window  irtt Iface
192.168.200.0   *             255.255.255.0  U      40  0       0    br0
default         192.168.200.1 0.0.0.0        UG     40  0       0    br0
-------------------------

Any ideas/help/suggestions would be appreciated.  By default my
/etc/network/interfaces sets my eth0 and eth1 to 0.0.0.0 and sets up the
bridge as well.  I could type that all out too... but maybe later. =) 
Nate, didn't you set something like this up before... any probs?

man, I'm thinking I shoulda went with obsd on this bridging thing...
having to 'patch' a new kernel to get iptables/bridging is perhaps my
first sign. =)

peace
Brian

More information about the OLUG mailing list