[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: OpenBSD and bridge interface



On Wed, Aug 22, 2001 at 08:47:26AM -0600, PC Drew wrote:
> it might be an IRQ problem...afterall, fxp0 is sharing IRQs with de0, de1,
> and de2:
> 
> fxp0 at pci0 dev 11 function 0 "Intel 82557" rev 0x05: irq 11, address
> 00:08:c7:05:12:91
> fxp1 at pci0 dev 15 function 0 "Intel 82557" rev 0x05: irq 5, address
> 00:a0:c9:fc:86:a6
> de0 at pci0 dev 12 function 0 "DEC DECchip 21142/3" rev 0x30: irq 11
> de0: DEC DE500-BA 21143 [10-100Mb/s] pass 3.0 address 08:00:2b:c3:59:de
> de1 at pci0 dev 14 function 0 "DEC DECchip 21142/3" rev 0x30: irq 11
> de1: DEC DE500-BA 21143 [10-100Mb/s] pass 3.0 address 08:00:2b:c3:41:e9
> de2 at pci0 dev 16 function 0 "DEC DECchip 21142/3" rev 0x30: irq 11
> de2: DEC DE500-BA 21143 [10-100Mb/s] pass 3.0 address 08:00:2b:c3:80:06
> 
> 
Well this doesn't matter, because on other OpenBSD with also more than 2
interfaces on the same IRQ (not in bridge mode), I have no problems with it.
Well I had to remove the following option in the config file:

pcibios0 at bios0 flags 0x0000

> ----- Original Message -----
> From: <robin_(_at_)_phear_(_dot_)_nl>
> To: <misc_(_at_)_openbsd_(_dot_)_org>
> Sent: Wednesday, August 22, 2001 3:32 AM
> Subject: OpenBSD and bridge interface
> 
> 
> > Hi Ya!
> >
> > I've got some problems with a firewall.
> > I've installed an OpenBSD v2.9-stable on a box with 5 interfaces. Two
> > of them will be going in bridge mode and one is for management
> > lan. The last two will not be used at this moment.
> >
> > Somehow on the DMZ network I get lots of the following messages:
> > arp: 10.99.1.200 is on fxp1 but got reply from 08:00:2b:c3:80:06 on fxp0
> > arp: 10.99.1.200 is on fxp1 but got reply from 08:00:2b:c3:80:06 on fxp0
> > arp: 10.99.1.200 is on fxp1 but got reply from 08:00:2b:c3:80:06 on fxp0
> > arp: 10.99.1.200 is on fxp1 but got reply from 08:00:2b:c3:80:06 on fxp0
> > arp: 10.99.1.200 is on fxp1 but got reply from 08:00:2b:c3:80:06 on fxp0
> >
> > If I check on the firewall, then the MAC address above is from the de2
> > interface of the firewall. (you can see it in the dmesg message)
> > Does someone have the same problem and/or has someone have the
> > sollution?
> >
> > Ow, yeah, i'll also get these messages on the firewall:
> > arpresolve: can't allocate llinfo
> > arpresolve: can't allocate llinfo
> > arpresolve: can't allocate llinfo
> > arpresolve: can't allocate llinfo
> > arpresolve: can't allocate llinfo
> > arpresolve: can't allocate llinfo
> >
> > Below you find Information from the firewall:
> >
> > # cat /etc/bridgename.bridge0
> > add de2 add de1 up
> >
> > # cat /etc/hostname.de2
> > media 100baseTX mediaopt full-duplex up
> >
> > # cat /etc/hostname.de1
> > media 100baseTX mediaopt full-duplex up
> >
> > # cat /etc/hostname.fxp1
> > inet 10.99.1.200 255.255.255.0 NONE
> >
> > # netstat -nr
> > Routing tables
> >
> > Internet:
> > Destination        Gateway            Flags     Refs     Use    Mtu
> Interface
> > 10.99.1/24         link#4             UC          0        0   1500   fxp1
> > 10.99.1.200        127.0.0.1          UGHS        0        0  32972   lo0
> > 10.99.1.254        0:90:27:73:7d:a2   UHL         1     1821   1500   fxp1
> > 127/8              127.0.0.1          UGRS        0        0  32972   lo0
> > 127.0.0.1          127.0.0.1          UH          2        0  32972   lo0
> > 224/4              127.0.0.1          URS         0        0  32972   lo0
> >
> > $ sudo ipf -V
> > Password:
> > ipf: IP Filter: v3.4.16 (256)
> > Kernel: IP Filter: v3.4.16
> > Running: yes
> > Log Flags: 0 = none set
> > Default: pass all, Logging: available
> > Active list: 0
> >
> > $ sudo ipfstat -s
> > IP states added:
> >         72271 TCP
> >         0 UDP
> >         0 ICMP
> >         17477199 hits
> >         6984888 misses
> >         0 maximum
> >         0 no memory
> >         1132 bkts in use
> >         1249 active
> >         0 expired
> >         71022 closed
> >
> > cat /var/run/dmesg.boot
> > OpenBSD 2.9-stable (KETAMINE) #0: Tue Aug 21 16:47:45 CEST 2001
> >     root_(_at_)_ketamine:/sys/arch/i386/compile/KETAMINE
> > cpu0: Intel Pentium II ("GenuineIntel" 686-class, 512KB L2 cache) 449
> > MHz
> > cpu0:
> >
> FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SYS,MTRR,PGE,MCA,CMOV,PAT,PSE36,MMX,
> FXSR
> > real mem  = 267956224 (261676K)
> > avail mem = 245596160 (239840K)
> > using 3296 buffers containing 13500416 bytes (13184K) of memory
> > mainbus0 (root)
> > bios0 at mainbus0: AT/286+(2f) BIOS, date 01/20/99, BIOS32 rev. 0 @
> > 0xfd824
> > bios0: ROM list: 0xc0000/0x8000 0xc8000/0x3800 0xcb800/0x800
> > 0xcc000/0x800
> > pci0 at mainbus0 bus 0: configuration mode 1 (bios)
> > pchb0 at pci0 dev 0 function 0 "Intel 82443BX" rev 0x03
> > fxp0 at pci0 dev 11 function 0 "Intel 82557" rev 0x05: irq 11, address
> > 00:08:c7:05:12:91
> > inphy0 at fxp0 phy 1: i82555 10/100 media interface, rev. 0
> > de0 at pci0 dev 12 function 0 "DEC DECchip 21142/3" rev 0x30: irq 11
> > de0: DEC DE500-BA 21143 [10-100Mb/s] pass 3.0 address 08:00:2b:c3:59:de
> > siop0 at pci0 dev 13 function 0 "Symbios Logic 53c875" rev 0x37: irq 11,
> > has RAM
> > scsibus0 at siop0: 16 targets
> > sd0 at scsibus0 targ 15 lun 0: <FUJITSU, MAE3091LP, 0109> SCSI2 0/direct
> > fixed
> > siop0: target 15 now using tagged 16 bit 20 MHz 16 REQ/ACK offset xfers
> > sd0: 8704MB, 12001 cyl, 4 head, 371 sec, 512 bytes/sec, 17826240 sec
> > total
> > siop1 at pci0 dev 13 function 1 "Symbios Logic 53c875" rev 0x37: irq 10,
> > has RAM
> > scsibus1 at siop1: 16 targets
> > de1 at pci0 dev 14 function 0 "DEC DECchip 21142/3" rev 0x30: irq 11
> > de1: DEC DE500-BA 21143 [10-100Mb/s] pass 3.0 address 08:00:2b:c3:41:e9
> > fxp1 at pci0 dev 15 function 0 "Intel 82557" rev 0x05: irq 5, address
> > 00:a0:c9:fc:86:a6
> > inphy1 at fxp1 phy 1: i82555 10/100 media interface, rev. 0
> > de2 at pci0 dev 16 function 0 "DEC DECchip 21142/3" rev 0x30: irq 11
> > de2: DEC DE500-BA 21143 [10-100Mb/s] pass 3.0 address 08:00:2b:c3:80:06
> > pcib0 at pci0 dev 18 function 0 "Intel 82371AB PIIX4 ISA" rev 0x02
> > pciide0 at pci0 dev 18 function 1 "Intel 82371AB IDE" rev 0x01: DMA,
> > channel 0 wired to compatibility, channel 1 wired to compatibility
> > atapiscsi0 at pciide0 channel 0
> > scsibus2 at atapiscsi0: 2 targets
> > cd0 at scsibus2 targ 0 lun 0: <TOSHIBA, CD-ROM XM-6502B, 1013> SCSI0
> > 5/cdrom removable
> > pciide0: channel 0 interrupting at irq 14
> > cd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2
> > "Intel 82371AB USB" rev 0x01 at pci0 dev 18 function 2 not configured
> > "Intel 82371AB Power Management" rev 0x02 at pci0 dev 18 function 3 not
> > configured
> > vga1 at pci0 dev 20 function 0 "Cirrus Logic CL-GD5480" rev 0x23
> > wsdisplay0 at vga1: console (80x25, vt100 emulation)
> > wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
> > isa0 at pcib0
> > isadma0 at isa0
> > pckbc0 at isa0 port 0x60/5
> > pckbd0 at pckbc0 (kbd slot)
> > pckbc0: using irq 1 for kbd slot
> > wskbd0 at pckbd0: console keyboard, using wsdisplay0
> > pcppi0 at isa0 port 0x61
> > sysbeep0 at pcppi0
> > lpt0 at isa0 port 0x378/4 irq 7
> > npx0 at isa0 port 0xf0/16: using exception 16
> > pccom0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
> > pccom1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo
> > fdc0 at isa0 port 0x3f0/6 irq 6 drq 2
> > fd0 at fdc0 drive 0: 1.44MB 80 cyl, 2 head, 18 sec
> > biomask 4c40 netmask 4c60 ttymask 4ce2
> > pctr: 686-class user-level performance counters enabled
> > mtrr: Pentium Pro MTRR support
> > dkcsum: sd0 matched BIOS disk 80
> > root on sd0a
> > rootdev=0x400 rrootdev=0xd00 rawdev=0xd02
> > de1: enabling Full Duplex 100baseTX port
> > de2: enabling Full Duplex 100baseTX port
> >
> > Regards,
> >
> >            Robin Gruyters | My parents compiled me -DPARANOID
> >  robin_(_at_)_groovebasement_(_dot_)_com | http://www.groovebasement.com/
> >            Groovebasement |
> >  ------------------------------------------------------------
> >  "Wanting to be a rock star is as legitimate as wanting to be
> >  a fireman or an astronaut. It's like being a doctor, only
> >  you get more girls to take their clothes off for you and you
> >  get to f*ck 'm." ;-)
> 

Regards,

           Robin Gruyters | My parents compiled me -DPARANOID
 robin_(_at_)_groovebasement_(_dot_)_com | http://www.groovebasement.com/
           Groovebasement |
 ------------------------------------------------------------
 "Wanting to be a rock star is as legitimate as wanting to be
 a fireman or an astronaut. It's like being a doctor, only
 you get more girls to take their clothes off for you and you
 get to f*ck 'm." ;-)



Visit your host, monkey.org