RE: creating a netbsd router

[Derrick Lobo <derrick.lobo%givex.com@localhost>]

Yes I have routing and running DHCP/DNS on this device..

As for IP address on the bridge interface I did try it, but it may have not 
worked since I did not have the ifconfig file with "UP" in them.. I have two 
static IPs on LAN so im not sure if an alias would work on a bridge 
interface since I don’t see an option on brconfig for it.  But yes seems 
like it will work if I have just one LAN IP address(I run an app on the 
alias interface.).

Derrick Lobo


-----Original Message-----
From: Johnny Billquist [mailto:bqt%update.uu.se@localhost]
Sent: Wednesday, July 19, 2017 4:44 PM
To: Brook Milligan; Derrick Lobo
Cc: Francisco Valladolid H.; netbsd-users%netbsd.org@localhost
Subject: Re: creating a netbsd router

On 2017-07-19 20:01, Brook Milligan wrote:
>
>> On Jul 19, 2017, at 10:01 AM, Derrick Lobo <derrick.lobo%givex.com@localhost> 
>> wrote:
>>
>> So does that means each of the interface has an ip eg 192.168.0.1 on
>> wm1
>> 192.168.0.2 on wm2 and so on and then just bridge all the interface.
>> Ill try that . for now only wm1 had an ip the rest did not have an
>> ifconfig.wmx file
>
> I have a setup more or less like what I think you are interested in: 1 
> uplink port and 3 bridged ports.
>
> The uplink port is just marked up in its ifconfig file and gets its IP via 
> dhcp from upstream.

Right. In addition, it might be worth pointing out that you need to enable 
routing in the system, or else the machines connected to the bridge will not 
be able to reach outside. You might also want to turn on a dhcp server for 
the bridge side, so that machines connected on that side gets an ip address, 
but all that are parts you are free to play with as you wish.

> Only one of the 3 bridged ports is assigned an IP; the rest are just 
> marked up in their ifconfig files.  All four ports have individual 
> ifconfig files.
>
> My ifconfig.bridge0 file looks like this:
>
> create
> !brconfig $int \
>         add wm1 \
>         add wm2 \
>         add wm3 \
>         up
>
> Whatever is plugged into any of the 3 bridged ports just communicate 
> amongst themselves just like a “real” switch.

Right. I'm a bit surprised if you really need to set an ip address on any of 
those interfaces. Seems illogical and unnecessary. When you add them to the 
bridge, they will all be set in promiscuous mode anyway. No IP address 
needed. However, you do need your own IP address on this bridge, which I 
would think you normally setup through the bridge interface itself. And 
then, with routing enabled, machines on the inside can reach out. You might 
also want to run nat on this, unless you have a public range of ip 
addresses.

But it's all fairly straight forward, if you just think about it.

	Johnny

-- 
Johnny Billquist                  || "I'm on a bus
                                   ||  on a psychedelic trip
email: bqt%softjar.se@localhost             ||  Reading murder books
pdp is alive!                     ||  tryin' to stay hip" - B. Idol