Bridge0 gone mad! - BSD

This is a discussion on Bridge0 gone mad! - BSD ; I am using OpenVPN on my four-legged firewall. The interfaces are: fxp0 - External interface with one "real" IP address and four world-readable aliases. fxp1 - Internal (client) interface, protected part of the network. sis0 - Private server interface. A ...

+ Reply to Thread
Results 1 to 3 of 3

Thread: Bridge0 gone mad!

  1. Bridge0 gone mad!

    I am using OpenVPN on my four-legged firewall. The interfaces are:

    fxp0 - External interface with one "real" IP address and four
    world-readable aliases.
    fxp1 - Internal (client) interface, protected part of the network.
    sis0 - Private server interface. A protected file server is on this
    interface.
    sis1 - Public server interface. To become my public SMTP, HTTP, DNS,
    etc. servers.

    The contents of /etc/bridgename.bridge0 are:

    add fxp1
    add tun0
    up

    Trouble is, when I do this, my internal network is flooded to the point
    of being DoSed, as follows:

    tcpdump -nettvvi fxp1

    1145779066.910019 0:c0:2:eb:f3:15 9:0:7:ff:ff:ff 001d 220: snap
    8:0:7:80:9b 255.138.1.6 > 0.0.6: at-#6 185
    1145779066.910026 0:c0:2:eb:f3:15 9:0:7:ff:ff:ff 001d 812: snap
    8:0:7:80:9b 255.138.1.6 > 0.0.6: at-#6 777
    1145779066.920012 0:c0:2:eb:f3:15 9:0:7:ff:ff:ff 001d 200: snap
    8:0:7:80:9b 255.138.1.6 > 0.0.6: at-#6 165
    1145779066.920019 0:c0:2:eb:f3:15 9:0:7:ff:ff:ff 001d 840: snap
    8:0:7:80:9b 255.138.1.6 > 0.0.6: at-#6 805
    1145779066.920026 0:c0:2:eb:f3:15 9:0:7:ff:ff:ff 001d 800: snap
    8:0:7:80:9b 255.138.1.6 > 0.0.6: at-#6 765
    1145779066.930012 0:c0:2:eb:f3:15 9:0:7:ff:ff:ff 001d 244: snap
    8:0:7:80:9b 255.138.1.6 > 0.0.6: at-#6 209
    1145779066.930020 0:c0:2:eb:f3:15 9:0:7:ff:ff:ff 001d 828: snap
    8:0:7:80:9b 255.138.1.6 > 0.0.6: at-#6 793
    1145779066.930026 0:c0:2:eb:f3:15 9:0:7:ff:ff:ff 001d 268: snap
    8:0:7:80:9b 255.138.1.6 > 0.0.6: at-#6 233
    1145779066.930032 0:c0:2:eb:f3:15 9:0:7:ff:ff:ff 001d 856: snap
    8:0:7:80:9b 255.138.1.6 > 0.0.6: at-#6 821
    Segmentation fault

    Okay, this is one of those days where I've learned that I don't know
    nearly as much as I think I do. What the HELL is all of this traffic?
    It goes away when I do "ifconfig bridge0 down." I am at a complete
    loss and not even sure where to begin.


  2. Re: Bridge0 gone mad!

    sealinux@gmail.com wrote:
    > I am using OpenVPN on my four-legged firewall. The interfaces are:
    >
    > fxp0 - External interface with one "real" IP address and four
    > world-readable aliases.
    > fxp1 - Internal (client) interface, protected part of the network.
    > sis0 - Private server interface. A protected file server is on this
    > interface.
    > sis1 - Public server interface. To become my public SMTP, HTTP, DNS,
    > etc. servers.
    >
    > The contents of /etc/bridgename.bridge0 are:
    >
    > add fxp1
    > add tun0
    > up
    >
    > Trouble is, when I do this, my internal network is flooded to the point
    > of being DoSed, as follows:
    >
    > tcpdump -nettvvi fxp1
    >
    > 1145779066.910019 0:c0:2:eb:f3:15 9:0:7:ff:ff:ff 001d 220: snap

    [...]
    > Segmentation fault
    >
    > Okay, this is one of those days where I've learned that I don't know
    > nearly as much as I think I do. What the HELL is all of this traffic?
    > It goes away when I do "ifconfig bridge0 down." I am at a complete
    > loss and not even sure where to begin.
    >


    Looks like you may have created a network loop.
    Does it happen when nothing is connected at the tunnel end?
    Misconfigured tunnel?

  3. Re: Bridge0 gone mad!

    I'm guessing that's what happened. After I did "ifconfig destroy
    bridge0" and tried again, I didn't have the same problem.

    Thanks for your help. I was just pretty freaked out by it. I've never
    seen anything like it before or since.


+ Reply to Thread