4. Bridge configuration on version 2.3.2p1

Bridge configuration on version 2.3.2p1

  • 7

    I have attempted the bridge interface configuration several different ways without success. 
    My final configuration will be attempting to bridge an OpenVPN network for backup/failover offsite servers.

    Interface setup:
    EM0: WAN
    EM1: Admin
    EM2: VLAN 551
    EM3: VLAN 552
    Brg551552: Bridge of 551/552

    net.link.bridge.pfil_member Packet filter on the member interface 0
    net.link.bridge.pfil_bridge Packet filter on the bridge interface 1

    As soon as I add 551 to the Bridge interface, I loose local connection from the PC 10.5.5.70 to the router 10.5.5.1.  All firewall rules are allowing any/any on all internal interfaces.  Are there any other settings required to add an existing interface to a bridge group?

    Below is the detailed interface setup.

    WAN Interface (wan, em0)
    Status
    up
    MAC Address
    00:0c:29:d8:10:cd
    IPv4 Address
    206.30.30.178
    Subnet mask IPv4
    255.255.255.252
    Gateway IPv4

    21ADMIN Interface (lan, em1)
    Status
    up
    MAC Address
    00:0c:29:d8:10:d7
    IPv4 Address
    10.201.1.70
    Subnet mask IPv4
    255.255.255.0

    TEST551 Interface (opt1, em2)
    Status
    up
    MAC Address
    00:0c:29:d8:10:e1
    IPv4 Address
    10.5.5.1
    Subnet mask IPv4
    255.255.255.0
    IPv6 Link Local
    fe80::20c:29ff:fed8:10e1%em2
    MTU
    1500
    Media
    1000baseT <full-duplex>In/out packets
    2962/4603 (265 KiB/5.72 MiB)
    In/out packets (pass)
    2962/4603 (265 KiB/5.72 MiB)
    In/out packets (block)
    92/0 (7 KiB/0 B)
    In/out errors
    0/0
    Collisions
    0
    Bridge (bridge0)
    learning

    TEST552 Interface (opt2, em3)
    Status
    up
    MAC Address
    00:0c:29:d8:10:eb
    IPv6 Link Local
    fe80::20c:29ff:fed8:10eb%em3
    MTU
    1500
    Media
    1000baseT <full-duplex>In/out packets
    5/3 (334 B/304 B)
    In/out packets (pass)
    5/3 (334 B/304 B)
    In/out packets (block)
    13/0 (857 B/0 B)
    In/out errors
    0/0
    Collisions
    0
    Bridge (bridge0)
    learning

    BRG551552 Interface (opt4, bridge0)
    Status
    up
    MAC Address
    02:ac:43:2f:d6:00
    MTU
    1500
    In/out packets
    10/5 (668 B/334 B)
    In/out packets (pass)
    10/5 (668 B/334 B)
    In/out packets (block)
    10/0 (1 KiB/0 B)
    In/out errors
    0/0
    Collisions
    0</full-duplex></full-duplex>

    0
  • 7

    Fixed.  Since bridging anything is just a bad idea, the Cisco 3850 was blocking it through spanning-tree.  Once spanning-tree was disabled, everything is up and colliding normally… :-\

    0
  • LAYER 8 Global Moderator

    "Since bridging anything is just a bad idea"

    Hey there you go your getting it ;)

    So I am really confused with this statement

    EM2: VLAN 551
    EM3: VLAN 552
    Brg551552: Bridge of 551/552

    So your 2 different vlans are on the same layer 3 network?  Makes Zero sense.. If your wanting to bridge 2 layer 2 networks.  This would become 1 vlan..  With 1 layer 3 network on it.  So why would you call it 2 different vlans with 2 different vlan tags??

    "Once spanning-tree was disabled"

    That seems like a really bad idea if you ask me…

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy