Proper Bridge Configuration

Started by Don Jarvis

Don Jarvis

Proper Bridge Configuration   20 April 2006, 18:19

Andrew:

I'm having troubles getting BM to pass traffic in bridge mode. It worked for a while but after a reboot, it stopped working and I can't get it to work again. Here is my configuration: P4 2.8 gig processor running xppro-sp2 with firewall turned off and 3 network interfaces. One on the motherboard and 2 on an Intel dual ethernet server card. The only software running on the computer is BM and SimpleDNS's DNS/DHCP server.

On the Intel card (both used by BM in bridging mode) the interfaces are configured as:
- Internet Interface: 10.90.100.100 / 255.255.0.0 / dg 10.90.9.3 NAT'd router / dns 127.0.0.1 (local machine)
- Client Side Lan: 10.90.100.200 / 255.255.0.0 / dg - blank / dns 127.0.0.1
- Motherboard: 10.90.100.170 / 255.255.0.0 / dg blank / dns 127.0.0.1

The internet lan plugs into the router and the local lan and motherboard lan into a common switch. To make sure applications didn't conflict, I set up simple DNS / DHCP to run on the 10.90.100.170 interface. DHCP gives out an address in the 10.90.200.1 thru .254 range / 255.255.0.0 / dg of 10.90.9.3 / dns 10.90.100.170. BM uses the two intel ports and is set up to run as a service. Several filter rules have been set up but none are set to block traffic, only identify http, ftp, etc.

Questions:

(1) Are the above IPs set up correctly? Your documentation doesn't mention whether or not to set up a default gateway on one or all of the cards.
(2) I have tried setting the dg on one, some, and all of the 3 ethernet interfaces but traffic still does not flow.
(3) What gives? It would be real nice to give specific examples in the documentation for new users.

Thank you,

Don Jarvis
TSP
Andrew

Re: Proper Bridge Configuration   20 April 2006, 21:16

Yes, these IP addresses look correct. No need to specify the default gateway as well as DNS on the cards connected to the switch. But I don't think it is the reason why it stops working... First of all, please tell me what is in the program event log (I mean the bandwidth manager internal event log, not Windows logging). See Tools - Event Log from the main menu.
Don Jarvis

Re: Proper Bridge Configuration   21 April 2006, 01:44

Andrew,

The event log is short and looks normal.

Service started.
Network settings updated.
First Lan is promiscuous.
Second Lan is promiscuous.

That's all.

The really weird thing is that I cannot ping the default gateway or the internet lan 10.90.100.100 from the firewall and IE doesn't run. DNS is not resolving addresses. From the local BM box I can ping all three interfaces. Sounds like one of my ports on the dual Intel card is acting flaky. Fixed the ping issue on the 10.90.100.200 card. Its IP had changed to 192.168.100.200.

REQUEST. Could you email me a set of default rules which break out traffic flow by application type, i.e., ftp, http, etc. When it was working earlier yesterday, I had a general rule for all traffic working but the specific traffic types never showed any data flow.

The specific rules were in front of the general rule.

Thank you,

Don
Don Jarvis

Re: Proper Bridge Configuration   21 April 2006, 01:51

Andrew,

Another quick question. Do I really need a third interface card for my DNS / DHCP server or can I configure it to run on one of the bridged ports?

Don
Andrew

Re: Proper Bridge Configuration   22 April 2006, 00:25

No, the third interface is not required. Let me explain how bridging works, probably it would help a bit.

1. If a received packet is a broadcast packet - it is accepted by the host running the manager and at the same time forwarded to the second card in the bridge.

2. If a received packet is a packet directed to the machine running the manager - it is accepted and is NOT forwarded to the second card in the bridge.

3. If a received packet is a packet directed to another machine - it is NOT accepted by the machine running the manager, but is forwarded to the second card in the bridge.

In other words, it works as a transparent bridge. The host with the bridge works as an ordinary host, but it forwards the traffic directed to other machines through itself. All decisions are based on MAC addresses. I'd recommend to remove/disable the third card, it may help.

As to your question about rules for different application types, just use the option 'Port list' or 'Port range' instead of 'Any port'. Use ports 80,8080,443 for web, 21 for FTP, 25 and 110 for mail, etc. These are so-called well-known ports.
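
The three forwarding rules described in the reply above, as an added example that is not part of the original thread and is not SoftPerfect's code. The MAC addresses, port names and function names are constructed for illustration; the example assumes "directed to the machine running the manager" means the destination matches either bridged card, and it treats only the all-ones address as broadcast, since the thread does not discuss multicast.

```python
import struct
from typing import NamedTuple, Optional

BROADCAST = b"\xff" * 6

class Decision(NamedTuple):
    accept_locally: bool        # frame is handed to the bridge host's own stack
    forward_to: Optional[str]   # the other bridged card, or None if not forwarded

def mac(text: str) -> bytes:
    return bytes.fromhex(text.replace(":", ""))

# Constructed addresses for the two bridged cards (not taken from the thread).
BRIDGE_PORTS = {
    "internet": mac("02:00:00:00:00:01"),
    "client": mac("02:00:00:00:00:02"),
}
CLIENT_PC = mac("02:00:00:00:00:aa")   # constructed LAN client
ROUTER = mac("02:00:00:00:00:fe")      # constructed upstream router

def build_frame(dst: bytes, src: bytes, ethertype: int = 0x0800,
                payload: bytes = b"") -> bytes:
    """Build a minimal Ethernet II frame: dst(6) + src(6) + ethertype(2) + payload."""
    return dst + src + struct.pack("!H", ethertype) + payload

def bridge_decision(frame: bytes, ingress: str) -> Decision:
    """Apply the three rules to a frame received on one bridged card."""
    if ingress not in BRIDGE_PORTS:
        raise ValueError(f"unknown bridge port: {ingress}")
    if len(frame) < 14:
        raise ValueError("truncated Ethernet frame")
    dst = frame[:6]                      # decisions use the MAC, never the IP
    other = next(p for p in BRIDGE_PORTS if p != ingress)
    if dst == BROADCAST:                 # rule 1: accept and forward
        return Decision(True, other)
    if dst in BRIDGE_PORTS.values():     # rule 2: accept, do not forward
        return Decision(True, None)
    return Decision(False, other)        # rule 3: forward only

if __name__ == "__main__":
    samples = [
        ("client", build_frame(BROADCAST, CLIENT_PC)),
        ("client", build_frame(BRIDGE_PORTS["client"], CLIENT_PC)),
        ("client", build_frame(ROUTER, CLIENT_PC)),
        ("internet", build_frame(CLIENT_PC, ROUTER)),
    ]
    for port, frm in samples:
        print(port, frm[:6].hex(":"), bridge_decision(frm, port))
```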
