Community discussions

MUM Europe 2020
 
ktw-matt
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 97
Joined: Fri Mar 03, 2006 8:32 pm
Location: USA

Bridging questions

Tue Jul 25, 2006 5:10 pm

Hi everyone,

I have some questions about bridging interfaces.. I can't seem to find the answer or am still unsure of the answers.

1a) I have 3 wireless interfaces bridged, and I want them set to arp=reply-only, do I: set this on all three interfaces and / or the bridge?
1b) If I make a bridge, should I deal with those interfaces only thru the bridge interface from then on out?
2) For firewall filtering these interfaces, should I do this under bridge filtering or the normal ip filtering? (So obvious, I figure, but could you use either one for bridges?)
3) If I enable STP on a bridge, and there happens to be a loop as a result of one of our customers, wouldn't STP disable the port that the loop is coming from? Or would it fix the problem somehow?
4) Would the wireless clients on this bridge see the MAC address of the bridge, or the MAC of the wireless card - if say, I had one IP address per wireless interface. (Probably the MAC of the wireless card if I placed an IP on a wireless interface, and otherwise, the MAC of the bridge if I placed an IP on the bridge?)
 
User avatar
tneumann
Member
Member
Posts: 394
Joined: Sat Apr 16, 2005 6:38 pm
Location: Germany

Re: Bridging questions

Tue Jul 25, 2006 10:54 pm

1a) I have 3 wireless interfaces bridged, and I want them set to arp=reply-only, do I: set this on all three interfaces and / or the bridge?
ARP is only relevant for interfaces that have one or more IP addresses assigned. In a bridged setup the IP address should always be set on the bridge interface, never on the physical member port interfaces, therefore you need to set arp=reply-only on the bridge interface.
1b) If I make a bridge, should I deal with those interfaces only thru the bridge interface from then on out?
Not sure what you mean...

2) For firewall filtering these interfaces, should I do this under bridge filtering or the normal ip filtering? (So obvious, I figure, but could you use either one for bridges?)
Use ip filtering firewall for traffic that flows through/between IP networks and bridge filtering to control the flow of packets on layer 2 within a particular bridge only.

3) If I enable STP on a bridge, and there happens to be a loop as a result of one of our customers, wouldn't STP disable the port that the loop is coming from? Or would it fix the problem somehow?
It will fix the problem by blocking the port that causes the loop :P
4) Would the wireless clients on this bridge see the MAC address of the bridge, or the MAC of the wireless card - if say, I had one IP address per wireless interface. (Probably the MAC of the wireless card if I placed an IP on a wireless interface, and otherwise, the MAC of the bridge if I placed an IP on the bridge?)
See question 1a - the IP address should be on the bridge interface, therefore the MAC address that the clients will learn (as far as ARP is concerned) will be that of the bridge interface. However, on the wireless (802.11 a/b/g) layer the MAC addresses of the individual radios will still be relevant (BSSID, wireless associations, stuff like that) so the answer depends on the network layer we're talking about.


--Tom
 
ktw-matt
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 97
Joined: Fri Mar 03, 2006 8:32 pm
Location: USA

Wed Jul 26, 2006 12:02 am

Thanks for the answers! This clears things up. :)

That'll be it for now, but if I have any other questions, you'll probably hear from me again. Thanks!

Who is online

Users browsing this forum: nikolka1543, valnuke and 115 guests