If memory serves me right, Julian Elischer wrote: > > 1. ng_bridge(4) doesn't do spanning tree. Neither does bridge(4). > > WHICH spanning tree? Spanning tree is a generic term.. > Are you refering to a particular implimentation of something that uses > spanning tree algorythms? Someone else beat me to this but I was under the impression that if_bridge supported the spanning tree protocol/algorithm used by Ethernet switches. > > 2. A problem that I saw was that ng_bridge(4) didn't interact very well > > with IPFilter...specifically, I recall that IPFilter rules had no effect > > on bridged packets. This was a problem when I was trying to add > > filtered bridging to m0n0wall...the maintainer and I eventually switched > > to using bridge(4)-style bridging after resolving a few other problems. > > There is a ipfw type netgraph module floating around somewhere that you > can link in with ng_bridge to get a much more flexible arangement > should that be needed. Of course it could do with some work.... Thanks. In this case, it wasn't needed. I actually thought about writing an "ng_ipf" node but before I figured out how to do it, I realized the source of the problems we had been having with bridge(4) and came up with a workaround. Cheers, Bruce.
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:37:51 UTC