Re: bridge with tap - trying to set up openvpn server

To: yancm%sdf.lonestar.org@localhost
Subject: Re: bridge with tap - trying to set up openvpn server
From: Manuel Bouyer <bouyer%antioche.eu.org@localhost>
Date: Wed, 6 Apr 2011 12:44:57 +0200

On Wed, Apr 06, 2011 at 06:34:15AM -0400, yancm%sdf.lonestar.org@localhost 
wrote:
> > On Tue, Apr 05, 2011 at 08:00:17AM -0400, yancm%sdf.lonestar.org@localhost 
> > wrote:
> >> Could I have something munged in the kernel config?
> >>
> >> Do I need to do something in ipf (more than I have already done)?
> >
> > Did you try without ipf first ?
> 
> Not first...but I just recompiled the kernel without BRIDGE_IPF.
> Still same result, wm1 seems to seize. Here's a little more console
> diagnostics...with mildly sanitized ethernet addresses.
> 
> # brconfig -a
> bridge0: flags=41<UP,RUNNING>
>         Configuration:
>                 priority 32768 hellotime 2 fwddelay 15 maxage 20
>                 ipfilter disabled flags 0x0
>         Interfaces:
>                 tap0 flags=3<LEARNING,DISCOVER>
>                         port 5 priority 128
>                 wm1 flags=3<LEARNING,DISCOVER>
>                         port 2 priority 128
>         Address cache (max cache: 100, timeout: 1200):
>                 xx:c0:49:db:yy:59 wm1 996 flags=0<>
>                 xx:1c:e8:23:yy:01 wm1 984 flags=0<>
>                 xx:06:88:94:yy:5f wm1 711 flags=0<>
>                 xx:b9:e8:f4:yy:5c wm1 690 flags=0<>
>                 xx:11:5b:19:yy:c2 wm1 643 flags=0<>
>                 xx:0c:29:5e:yy:f2 wm1 618 flags=0<>
>                 xx:11:d9:34:yy:6a wm1 606 flags=0<>
>                 xx:00:5a:9e:yy:92 wm1 603 flags=0<>
>                 xx:e0:18:db:yy:3d wm1 600 flags=0<>
> [NOTE: adding and deleting tap0 has no functional effect]

the bridge has collected addresses on wm1, so it's receiving
packets.

> 
> >> Suggestions for further diagnostics?
> >
> > does tcpdump on wm1 show some traffic ?
> 
> tcpdump on the console shows a fair amount of traffic on wm1 (?!)
> I'm not very familiar with tcpdump, but I used:
> # tcpdump -i wm1 -lq
> Packets seem to be flowing to/from several hosts on my network
> UDP packets report lengths != 0
> all tcp packet lines end in tcp 0 (means zero length?)
> 
> Anything else to try?

Hum, just a though. Do you have some vlans configured on wm1 ?
Did you setup checksum offlload ?

-- 
Manuel Bouyer <bouyer%antioche.eu.org@localhost>
     NetBSD: 26 ans d'experience feront toujours la difference
--

Follow-Ups:
- Re: bridge with tap - trying to set up openvpn server
  - From: yancm

References:
- bridge with tap - trying to set up openvpn server
  - From: yancm
- Re: bridge with tap - trying to set up openvpn server
  - From: Manuel Bouyer
- Re: bridge with tap - trying to set up openvpn server
  - From: yancm
- Re: bridge with tap - trying to set up openvpn server
  - From: Manuel Bouyer
- Re: bridge with tap - trying to set up openvpn server
  - From: yancm
- Re: bridge with tap - trying to set up openvpn server
  - From: Manuel Bouyer
- Re: bridge with tap - trying to set up openvpn server
  - From: yancm

Prev by Date: Re: bridge with tap - trying to set up openvpn server
Next by Date: Re: bridge with tap - trying to set up openvpn server
Previous by Thread: Re: bridge with tap - trying to set up openvpn server
Next by Thread: Re: bridge with tap - trying to set up openvpn server
Indexes:

Home | Main Index | Thread Index | Old Index