
List:       linux-bridge
Subject:    Re: [Bridge] Man-in-the-middle scenario within vmware - problem
From:       Patrick Nagel <mail () patrick-nagel ! net>
Date:       2006-12-13 20:26:57
Message-ID: 200612132127.09421.mail () patrick-nagel ! net


Hi Stephen,

thanks for answering!

> Did you wait until after the "forwarding delay" expired (30 seconds) or
> turn forwarding delay off?
Yes to waiting.

> It may be that the ethernet driver doesn't support promiscuous mode
> and/or doesn't expect non-local source addresses. You need to see where
> packets are being dropped, could be the ethernet driver, or switch with
> network access control or inside the bridge.
The driver seems to support promiscuous mode, as I get the following from 
dmesg after setting up the bridge:

[17179785.256000] Bridge firewalling registered
[17179785.264000] device eth0 entered promiscuous mode
[17179785.264000] audit(1166040131.368:2): dev=eth0 prom=256 old_prom=0 auid=4294967295
[17179785.268000] device eth1 entered promiscuous mode
[17179785.268000] audit(1166040131.372:3): dev=eth1 prom=256 old_prom=0 auid=4294967295
[17179785.272000] eth0: link up
[17179785.280000] eth1: link up
[17179785.284000] lnxbr0: port 2(eth1) entering learning state
[17179785.284000] lnxbr0: port 1(eth0) entering learning state
[17179795.336000] eth1: no IPv6 routers present
[17179795.848000] eth0: no IPv6 routers present
[17179796.040000] lnxbr0: no IPv6 routers present
[17179800.284000] lnxbr0: topology change detected, propagating
[17179800.284000] lnxbr0: port 2(eth1) entering forwarding state
[17179800.284000] lnxbr0: topology change detected, propagating
[17179800.284000] lnxbr0: port 1(eth0) entering forwarding state

Look at those "screenshots":

After some "ping" packets from PC1 to PC2, the statistics look like this:

$ ifconfig eth0 && ifconfig eth1 && ifconfig lnxbr0
eth0      Link encap:Ethernet  HWaddr 00:0C:29:6D:F0:55
          inet6 addr: fe80::20c:29ff:fe6d:f055/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:48 errors:0 dropped:0 overruns:0 frame:0
          TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:2880 (2.8 KiB)  TX bytes:468 (468.0 b)
          Interrupt:177 Base address:0x1080

eth1      Link encap:Ethernet  HWaddr 00:0C:29:6D:F0:5F
          inet6 addr: fe80::20c:29ff:fe6d:f05f/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:54 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 b)  TX bytes:3348 (3.2 KiB)
          Interrupt:185 Base address:0x1400

lnxbr0    Link encap:Ethernet  HWaddr 00:0C:29:6D:F0:55
          inet6 addr: fe80::20c:29ff:fe6d:f055/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:48 errors:0 dropped:0 overruns:0 frame:0
          TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:2208 (2.1 KiB)  TX bytes:468 (468.0 b)

So the packets come in on eth0, and they're sent out on eth1, but there is no 
answer received from PC2. BUT on PC2, ifconfig says that there were 57 
packets in and 57 packets out on eth0.

Now let's do it the other way round:

$ ifconfig eth0 && ifconfig eth1 && ifconfig lnxbr0
eth0      Link encap:Ethernet  HWaddr 00:0C:29:6D:F0:55  
          inet6 addr: fe80::20c:29ff:fe6d:f055/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:48 errors:0 dropped:0 overruns:0 frame:0
          TX packets:24 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:2880 (2.8 KiB)  TX bytes:1548 (1.5 KiB)
          Interrupt:177 Base address:0x1080 

eth1      Link encap:Ethernet  HWaddr 00:0C:29:6D:F0:5F  
          inet6 addr: fe80::20c:29ff:fe6d:f05f/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:18 errors:0 dropped:0 overruns:0 frame:0
          TX packets:54 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:1080 (1.0 KiB)  TX bytes:3348 (3.2 KiB)
          Interrupt:185 Base address:0x1400 

lnxbr0    Link encap:Ethernet  HWaddr 00:0C:29:6D:F0:55  
          inet6 addr: fe80::20c:29ff:fe6d:f055/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:66 errors:0 dropped:0 overruns:0 frame:0
          TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:3036 (2.9 KiB)  TX bytes:468 (468.0 b)

And it's the same - the packets come in on eth1, go out on eth0, but the 
echoes never make it back through eth0.

So where exactly do they get stuck? I really don't know how to proceed...

> Also check that the drivers correctly report carrier state.
>
> brctl show lnxbr0
... is always like this:

bridge name	bridge id		STP enabled	interfaces
lnxbr0		8000.000c296df055	no		eth1
							eth0

> Should show both devices in forwarding state.
Where could I see that?

Thanks for your help!

Patrick.

-- 
Key ID: 0x86E346D4            http://patrick-nagel.net/key.asc
Fingerprint: 7745 E1BE FA8B FBAD 76AB 2BFC C981 E686 86E3 46D4
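
Added example, not part of the original message: a short Python parser that diffs the two `ifconfig` snapshots above and lists the bridge ports that transmitted frames but received none, which is the quickest way to see on which side the replies go missing. The counter lines are copied from the message; the function names are this example's own.

```python
import re

# RX/TX packet lines copied from the two ifconfig snapshots in the message.
SNAP_1 = """\
eth0      Link encap:Ethernet  HWaddr 00:0C:29:6D:F0:55
          RX packets:48 errors:0 dropped:0 overruns:0 frame:0
          TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
eth1      Link encap:Ethernet  HWaddr 00:0C:29:6D:F0:5F
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:54 errors:0 dropped:0 overruns:0 carrier:0
"""
SNAP_2 = """\
eth0      Link encap:Ethernet  HWaddr 00:0C:29:6D:F0:55
          RX packets:48 errors:0 dropped:0 overruns:0 frame:0
          TX packets:24 errors:0 dropped:0 overruns:0 carrier:0
eth1      Link encap:Ethernet  HWaddr 00:0C:29:6D:F0:5F
          RX packets:18 errors:0 dropped:0 overruns:0 frame:0
          TX packets:54 errors:0 dropped:0 overruns:0 carrier:0
"""

IFACE = re.compile(r"^(\S+)\s+Link encap:")
COUNT = re.compile(r"^\s+(RX|TX) packets:(\d+) errors:(\d+) dropped:(\d+)")

def parse_ifconfig(text):
    """Return {iface: {'RX': (packets, errors, dropped), 'TX': (...)}}."""
    stats, current = {}, None
    for line in text.splitlines():
        m = IFACE.match(line)
        if m:
            current = m.group(1)
            stats[current] = {}
            continue
        m = COUNT.match(line)
        if m and current:
            stats[current][m.group(1)] = tuple(int(g) for g in m.group(2, 3, 4))
    return stats

def delta(before, after):
    """Change in (packets, errors, dropped) per interface between snapshots."""
    return {i: {d: tuple(a - b for a, b in zip(after[i][d], before[i][d]))
                for d in ("RX", "TX")}
            for i in before if i in after}

def one_way_ports(stats):
    """Ports that sent frames out but received nothing in the same period."""
    return sorted(i for i, s in stats.items()
                  if s["TX"][0] > 0 and s["RX"][0] == 0)
```

Run over the first snapshot, `one_way_ports` names eth1; run over the delta between the two snapshots, it names eth0, with zero errors and zero drops counted on either port.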
