Forum Moderators: bakedjake
I wished to introduce a bridge between the modem and the router so that I could run PF on it, basically just for experimentation.
I actually do have a bridge operating between the two, and can get on the internet just fine. It's using OpenBSD 3.4 and obviously the two network adapters have no IP addresses.
These are my configuration files-
/etc/hostname.vr0 >> up
/etc/hostname.vr1 >> up
/etc/bridgename.bridge0 >> add vr0 add vr1 up
The bridge is up and running, and it is working, but you'll notice that I didn't enable IP forwarding. This is what I don't understand. How can I be posting this message if IP forwarding is not on?
Also, is if enable blocknonip on either of the two network interfaces on the bridge, I can not access the internet anymore.
Thus I gather it's not using IP...
This is what I don't understand. How can I be posting this message if IP forwarding is not on?
That's the whole point of bridging. If you used IP Forwarding, you wouldn't be bridging, you'd be routing.
Bridging doesn't need any IP Forwarding rules because it doesn't need them. The incoming packets/frames get inspected for the source and destination MAC addresses, and if they differ, and the system knows that the destination MAC is on the other side, then it forwards it on. If not, then it just leaves it be and doesn't forward it.
That's the process that it uses, and is completely transparent. There's very little configuration that needs to be done.
As for the blocknonip, I'm not sure what that command does to the system, so I couldn't say. Maybe the interfaces, once in Bridge mode, only understand frames, and not the higher-level packets?
HTH,
-MM
