danfiggolf
asked on
LINUX Firewall - Ethernet bridging
Our bridge is set for all NICs to be bridged to no IP, and so you give ifconfig a setting of promisc up, which, as described by the ifconfig man page, means "All packets on the network will be received by the interface."
bridge name     bridge id               STP enabled     interfaces
br0             8000.001346e6250b       no              ath1
                                                        eth2
                                                        tap0
As you can see below, ath1, eth2, and tap0 all don't have an IP because they are all in the bridge. br0, the bridge, takes all traffic that comes from the interfaces ath1, eth2, and tap0 and "bridges" the networks in this way as if they were all on one network card; the configuration of br0 represents this "one network card". Our bridge was constructed using the howto from the OpenVPN site with a small modification that allows three interfaces on the bridge: http://openvpn.net/bridge.html
We are trying to understand why the Wireless nodes receive IPs just fine, but the Backup server noted below in the ifconfig output receives a DHCP IP address just fine and is still not able to ping anything local or remote?
Linux Server (Firewall):
ath1      Link encap:Ethernet  HWaddr 00:14:6C:89:44:87
          inet6 addr: fe80::214:6cff:fe89:4487/64 Scope:Link
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
          RX packets:16496 errors:0 dropped:0 overruns:0 frame:0
          TX packets:20112 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:1904165 (1.8 Mb)  TX bytes:15290428 (14.5 Mb)

br0       Link encap:Ethernet  HWaddr 00:13:46:E6:25:0B
          inet addr:192.169.0.1  Bcast:192.169.0.255  Mask:255.255.255.0
          inet6 addr: fe80::213:46ff:fee6:250b/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:14442 errors:0 dropped:0 overruns:0 frame:0
          TX packets:15492 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:1618977 (1.5 Mb)  TX bytes:7141959 (6.8 Mb)

eth2      Link encap:Ethernet  HWaddr 00:13:46:E6:25:0B
          inet6 addr: fe80::213:46ff:fee6:250b/64 Scope:Link
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
          RX packets:122429276 errors:0 dropped:0 overruns:0 frame:0
          TX packets:270420109 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:887642421 (846.5 Mb)  TX bytes:2930004281 (2794.2 Mb)
          Interrupt:225 Base address:0xdc00

eth3      Link encap:Ethernet  HWaddr 00:16:EC:69:3C:B5
          inet addr:Internet.IP.12.2  Bcast:Internet.IP.12.255  Mask:255.255.255.0
          inet6 addr: fe80::216:ecff:fe69:3cb5/64 Scope:Link
          UP BROADCAST NOTRAILERS RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:8140802 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2323611 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:3906504983 (3725.5 Mb)  TX bytes:551977672 (526.4 Mb)
          Interrupt:209 Base address:0xd800

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:23808860 errors:0 dropped:0 overruns:0 frame:0
          TX packets:23808860 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:2245957434 (2141.9 Mb)  TX bytes:2245957434 (2141.9 Mb)

tap0      Link encap:Ethernet  HWaddr CE:3C:1D:1E:3B:41
          inet6 addr: fe80::cc3c:1dff:fe1e:3b41/64 Scope:Link
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:704 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:0 (0.0 b)  TX bytes:180832 (176.5 Kb)

wifi0     Link encap:UNSPEC  HWaddr 00-14-6C-89-44-87-00-00-00-00-00-00-00-00-00-00
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:16605879 errors:0 dropped:0 overruns:0 frame:1080636
          TX packets:11432729 errors:65368 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:199
          RX bytes:2162385966 (2062.2 Mb)  TX bytes:748681877 (713.9 Mb)
          Interrupt:209 Memory:cf080000-cf090000

Backup Server:
eth0      Link encap:Ethernet  HWaddr 00:10:5A:01:96:0D
          inet addr:192.169.0.3  Bcast:192.169.0.255  Mask:255.255.255.0
          inet6 addr: fe80::210:5aff:fe01:960d/64 Scope:Link
          UP BROADCAST NOTRAILERS RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1558 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1304 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:198584 (193.9 Kb)  TX bytes:125200 (122.2 Kb)
          Interrupt:9 Base address:0xdf00

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:94 errors:0 dropped:0 overruns:0 frame:0
          TX packets:94 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:6804 (6.6 Kb)  TX bytes:6804 (6.6 Kb)
What does iptables -L show?
On the "backup server" what does "netstat -rn" show?