requesting help with "New" way to do Bridging in OpenBSD 4.7
Im upgrading a PF firewall to OpenBSD 4.7 and noticed the way that bridges
are set up seems to have changed. Ive still got the old firewall running, and am working on the new one in parallel so I can compare them
In the old firewall (obsd 4.5) it looks like the bridge is configured at boot based on the /etc/bridgename.bridge0 file...
---begin detail for old obsd 4.5 firewall----
# cat /etc/bridgename.bridge0
# uname -a
OpenBSD blegga 4.5 GENERIC#1749 i386
# ifconfig bridge0
bridge0: flags=41<UP,RUNNING> mtu 1500
---- end detail for old obsd 4.5 -----
When I copied this file over to OBSD 4.7, it didnt seem to get activated
at boot. So I looked at the init scripts and renamed it to /etc/hostname.bridge0
Now it seems to be activated, but I see a lot more stuff when I look at the bridge with ifconfig
---begin detail for new obsd 4.7 firewall----
# uname -a
OpenBSD yadda 4.7 GENERIC.MP#130 amd64
# cat /etc/hostname.bridge0
# ifconfig bridge0
priority 32768 hellotime 2 fwddelay 15 maxage 20 holdcnt 6 proto rstp
designated: id 00:00:00:00:00:00 priority 0
port 4 ifpriority 0 ifcost 0
port 1 ifpriority 0 ifcost 0
Addresses (max cache: 100, timeout: 240):
00:11:4f:cd:0b:9b em0 1 flags=0<>
00:01:ba:4b:30:bf em0 1 flags=0<>
00:13:72:64:0f:64 em0 1 flags=0<>
00:55:56:97:56:64 em0 1 flags=0<>
00:0f:1f:6d:10:a9 em0 1 flags=0<>
.... many more lines omitted....
---end detail for new obsd 4.7 firewall----
Note: the pf firewall is running with the same ruleset as the old firewall, but the new fw is bridging from the public net to a test switch with only 1 host behind it.
Do I need to change my bridge syntax? Are there new options that werent there for bridges in 4.5 that are now in 4.7? Im confused and want to understand this. Is there an upgrade guide for using Bridges in the new 4.7?
I guess my questions are:
1) is setting up the bridge by using "/etc/hostname.bridge0" the new
2) does my bridge configuration syntax look ok?
3) Has anything changed so that bridge will behave differently in 4.7?
4) what are all the extra details in "ifconfig bridge0" ?
I've always been able to copy over the bridge file as is for years, this is the first time it didnt work. Any help/info appreciated!
It is worth your time to study this document for each new version especially when old configuration files are being dragged forward.
|Thread||Thread Starter||Forum||Replies||Last Post|
|How to replace "ectags" with "ctags"?||fender0107401||OpenBSD Packages and Ports||5||4 Weeks Ago 10:01 AM|
|wpa_supplicant errors: "CTRL-EVENT-SCAN-RESULTS"||jackburke||FreeBSD General||0||31st January 2010 11:07 PM|
|Fixed "xinit" after _7 _8, "how" here in case anyones' "X" breaks... using "nvidia"||jb_daefo||Guides||0||5th October 2009 09:31 PM|
|"Thanks" and "Edit Tags".||diw||Feedback and Suggestions||2||28th March 2009 11:06 PM|
|Newbie-friendly "printing in OpenBSD" guide wanted||Shagbag||OpenBSD Packages and Ports||5||7th July 2008 09:26 PM|