Ellhniko Bridging mini-Howto Christopher Cole cole@coledd.com v1.11, 7 Septembrioy 1998 To eggrafo ayto perigrafei pws na sthsete mia ethernet gefyra. Ti einai mia ethernet gefyra; Einai mia syskeyh poy elegxei ta paketa dedomenwn mesa se ena ypodiktyo prospa8wntas na meiwsei thn kyklofo ria. H gefyra einai synh8ws metaju duo jexwristwn omadwn ypologistwn, poy enw miloun polu metaju toys, spaniws mila h mia omada me thn allh. Ena kalo paradeigma einai an skeftoume mia omada me Macintosh kai mia omada me Unix mhxanhmata. Kai oi duo omades exoyn ayjhmenh kinhsh entos toys, opote h kinhsh ayth dhmioyrgei sygkrouseis me thn kinhsh ths allhs omadas. H gefyra topo8eteite metaju twn duo omadwn. H doyleia ths einai na elegxei ta dedomena poy antallassontai kai na apofasisei an xreiazetai na perasoyn sthn allh pleyra ths gefyras. To apotelesma einai ena grhgorotero kai pio isxyro diktyo me ligoteres sygkrouseis. --- Gia opoiadhpote sxolia, dior8wseis, klp sxetika me thn ellhnikh metafrash epikoinwnhste me ton Panagiwth Boydourh sth dieu8ynsh: panos@veria1.freeserve.co.uk ______________________________________________________________________ Table of Contents 1. Setup 2. Syxna problhmata ______________________________________________________________________ 1. Setup 1. Breite to ``Bridge Config'': <ftp://shadow.cabi.net/pub/Linux/BRCFG.tgz> 2. Energopoihste pollaples ethernet syskeyes bazontas to parakatw sto /etc/lilo.conf, kai jana-trexontas to lilo: append = "ether=0,0,eth1" An exete treis syskeyes sth gefyra balte to parakatw anti twn anw: append = "ether=0,0,eth1 ether=0,0,eth2" Perissoteres syskeyes mporoun na proste8oun me perissoteres dhlwseis ether. Enas etoimos pyrhnas caxnei gia mia karta kai molis th brei stamata to cajimo. Me thn parapanw entolh synexizei na caxnei kai meta thn prwth karta. Anti twn anw, mporeite na xrhsimopoihsete thn parakatw parametro ekkinhshs: linux ether=0,0,eth1 H me 3 syskeyes: linux ether=0,0,eth1 ether=0,0,eth2 3. Anametalwttiste ton pyrhna me to BRIDGING energopoihmeno. 4. H gefyra de 8a prepei na exei IP dieu8ynsh. MPOREI na exei alla mia aplh gefyra den thn xreiazetai. Gia na afairesete thn IP dieu8ynsh apo th gefyra sas, phgainete sto /etc/sysconfig/network- scripts/ (gia RedHat susthma) kai antigracte to ifcfg-lo0 se ifcfg- eth0 & ifcfg-eth1. Sta duo ayta arxeia allajte th grammh poy periexei to ``DEVICE=lo'' se ``DEVICE=eth0'' kai ``DEVICE=eth1''. Alles dianomes mporei na diaferoyn, kante o,ti xreiazetai! An exete panw apo duo syskeyes sth gefyra sigoyreyteite na dior8wsete oles tis ry8miseis. 5. Epanekkinhsh, wste na exete ton neo pyrhna kai janasigoyreyteite oti h gefyra den exei IP diey8unseis. 6. Molis to susthma jekinhsei, balte tis ethernet kartes se promiscuous mode, wste na elegxoyn otidhpote pernaei apo aytes: ifconfig eth0 promisc ; ifconfig eth1 promisc Oles oi kartes poy einai na synde8oun se gefyra prepei na mpoyn se promiscuous mode. 7. Energopoihste to bridging xrhsimopoiwntas to programma brcfg: brcfg -ena 8. Bebaiw8eite oti yparxei diaforetikh kinhsh se ka8e tmhma: tcpdump -i eth0 (in one window) tcpdump -i eth1 (in another window) 9. Trejte ena sniffer h to tcpdump se allo mhxanhma gia na deite oti h gefyra apokoptei ta tmhmata kanonika. 2. Syxna problhmata 1. Question Pairnw to mhnyma ioctl(SIOCGIFBR) failed: Package not installed Ti shmainei; Answer Den exete bridging dynatothtes ston pyrhna. Parte pyrhna 2.0 h megalutero, kai anametaglwttiste to me thn epilogh BRIDGING energopoihmenh. 2. Question Mhxanhmata sth mia pleyra de mporoun na kanoyn ping sthn allh! Answer · Energopoihsate to bridging me ``brcfg -ena''; (to brcfg 8a prepei na leei ``bridging is ENABLED'') · Balate tis kartes se promiscuous mode? (gracte ``ifconfig''. To ``PROMISC'' prepei na emfanistei kai stis duo pleyres.) · An xrhsimopoieite kartes diasundeshs pollaplwn meswn sigoyreyteite oti to swsto exei energopoih8ei. Isws xreiastei na xrhsimopoihsete to programma ry8misewn poy phrate me thn karta. 3. Question De mporw na kanw telnet/ftp apo th gefyra! Giati; Answer Ayto de ginetai efoson den yparxei IP dieu8ynsh sth gefyra. H gefyra prepei na einai ena diafano meros toy diktuoy. 4. Question Ti prepei na kanw gia na ry8misw th dromologhsh; Answer Tipota! H dromologhsh elegxetai apo ton kwdika toy pyrhna. Gia na deite tis ethernet diey8unseis opws ma8ainontai apo th gefyra xrhsimopoihste to brcfg se debug mode: brcfg -deb 5. Question H gefyra fainetai na doyleuei, alla to ``traceroute'' de deixnei th gefyra ws meros ths diadromhs. Answer Logw ths fushs ths gefyras, to ``traceroute'' DEN prepei na deijei th gefyra. H gefyra einai diafanhs sto diktyo. 6. Question Einai aparaithto na metaglwttisw ton pyrhna me IP_FORWARD; Answer Oxi. O kwdikas gia to bridging ston pyrhna frontizei gia th metafora. To IP_FORWARD einai gia pulh poy exei IP dieu8ynsh. 7. Question Giati oi diey8unseis gia th 8ura 1 kai 8ura 2 einai idies sumfwna me to ``brcfg''; De 8a eprepe na einai diaforetikes; Answer Oxi. Ka8e 8ura sth gefyra exei epithdes thn idia dieu8ynsh, opws dinetai apo ton kwdika toy bridging. 8. Question To bridging den emfanizetai ws epilogh otan kanw make config gia ton pyrhna. Pws to energopoiw; Answer Kata thn parametropoihsh, apanthste 'Y' sthn erwthsh: ``Prompt for development and/or incomplete code/drivers (CONFIG_EXPERIMENTAL) [Y/n/?]''. 9. Question Polloi komboi (hubs, 4 h parapanw) syndemena se seira prokaloun problhmata sygxronismou se ethernet. Ti epiptwseis exei ayto se ena ypodiktyo poy einai sthmeno me hubs; Answer H gefyra anaorizei ton kanona twn 3/4/5 kombwn. H gefyra den xeirizetai ta paketa dedomenwn opws ena hub, opote den dhmioyrgei problhmata sygxronismou sto diktyo. 10. Question Mporei mia gefyra na syndesei duo tmhmata me 10Mb kai 100Mb; Tetoia diamorfwsh 8a ephreasei thn taxuthta sthn grhgora pleyra; Answer Nai, h gefyra mporei na syndesei ena tmhma 10Mb me ena tmhma 100Mb. Efoson h karta diktuoy sto grhgoro diktyo ftanei ta 100Mb, to TCP frontizei gia ta ypoloipa. Fysika, ta dedomena apo to grhgoro pros to argo tmhma 8a metaferontai me 10Mb/s, alla h ypoloiph kinhsh sto grhgoro diktyo den epibradunetai.