Pseudo Bridge - Unix


Thread: Pseudo Bridge

  1. Pseudo Bridge

    Hi all... I have a problem here.
    I need to put in a firewall that does packet limiting per second without
    changing my network topology and my machines' configuration... I
    thought of building a simple bridge, but a bridge can't control
    packets this way... So someone told me to do a Pseudo Bridge, but I'm
    having some trouble. Here's my network

    A B
    C D E
    ----------Gateways------------BandwidthControl----------Routers---------Clients

    A = 208.48.246.0/24
    B = 10.1.1.1, 10.1.1.2 or 10.1.1.3
    C = 10.1.1.20 (bridge)
    D = 10.1.20.0/16
    E = 10.2.0.0/16

    So, the WAN interfaces of the routers have as default gateway 10.1.1.1,
    10.1.1.2 or 10.1.1.3, passing through my bandwidth controller. This works
    fine!

    But I need to rate the packets that come from the LAN side of the
    routers before they pass through the bandwidth control, so I'm thinking of
    building some Linux box that does this with pseudo-bridging... It goes
    something like

    A B
    C X
    Y D E
    ----------Gateways------------BandwidthControl----------PSEUDO-BRIDGE--------------Routers---------Clients

    But I don't know which IPs to put on interfaces X and Y.

    If I configure X = 10.1.1.120 and Y = 10.1.1.121, do I need to add
    routes in my pseudo-bridge? If the bridge default route is 10.1.1.1,
    would all packets that come from the Y interface be redirected to
    10.1.1.1? I don't want this...

    I need to do something that does not change any configuration or change
    much in this topology.

    I think I was a bit confusing haha but it was the best way I found to
    explain my problem...

    Thank you all!


  2. Re: Pseudo Bridge

    ****in hell, what a mess! let me see if I can fix those diagrams

    Hi all... I have a problem here.
    I need to put in a firewall that does packet limiting per second without
    changing my network topology and my machines' configuration... I
    thought of building a simple bridge, but a bridge can't control
    packets this way... So someone told me to do a Pseudo Bridge, but I'm
    having some trouble. Here's my network

    A B C D E
    ---Gateways---BandwidthControl--Routers--Clients

    A = 208.48.246.0/24
    B = 10.1.1.1, 10.1.1.2 or 10.1.1.3
    C = 10.1.1.20 (bridge)
    D = 10.1.20.0/16
    E = 10.2.0.0/16

    So, the WAN interfaces of the routers have as default gateway
    10.1.1.1,
    10.1.1.2 or 10.1.1.3, passing through my bandwidth controller. This works
    fine!
    But I need to rate the packets that come from the LAN side of the
    routers before they pass through the bandwidth control, so I'm thinking of
    building some Linux box that does this with pseudo-bridging... It goes
    something like

    A B C
    X Y D E
    --Gateways----BandwidthControl--PSEUDO-BRIDGE---Routers-Clients

    But I don't know which IPs to put on interfaces X and Y.
    If I configure X = 10.1.1.120 and Y = 10.1.1.121, do I need to add
    routes in my pseudo-bridge? If the bridge default route is 10.1.1.1,
    would all packets that come from the Y interface be redirected to
    10.1.1.1? I don't want this...
    I need to do something that does not change any configuration or change
    much in this topology.
    I think I was a bit confusing haha but it was the best way I found to
    explain my problem...
    Thank you all!

  3. Re: Pseudo Bridge

    Damn...
    The pseudo-bridge's left interface is X and its right interface is Y.

    On Nov 27, 3:32 pm, Fravo wrote:
    > ****in hell, what a mess! let me see if I can fix those diagrams
    >
    > Hi all... I have a problem here.
    > I need to put in a firewall that does packet limiting per second without
    > changing my network topology and my machines' configuration... I
    > thought of building a simple bridge, but a bridge can't control
    > packets this way... So someone told me to do a Pseudo Bridge, but I'm
    > having some trouble. Here's my network
    >
    > A B C D E
    > ---Gateways---BandwidthControl--Routers--Clients
    >
    > A = 208.48.246.0/24
    > B = 10.1.1.1, 10.1.1.2 or 10.1.1.3
    > C = 10.1.1.20 (bridge)
    > D = 10.1.20.0/16
    > E = 10.2.0.0/16
    >
    > So, the WAN interfaces of the routers have as default gateway
    > 10.1.1.1,
    > 10.1.1.2 or 10.1.1.3, passing through my bandwidth controller. This works
    > fine!
    > But I need to rate the packets that come from the LAN side of the
    > routers before they pass through the bandwidth control, so I'm thinking of
    > building some Linux box that does this with pseudo-bridging... It goes
    > something like
    >
    > A B C
    > X Y D E
    > --Gateways----BandwidthControl--PSEUDO-BRIDGE---Routers-Clients
    >
    > But I don't know which IPs to put on interfaces X and Y.
    > If I configure X = 10.1.1.120 and Y = 10.1.1.121, do I need to add
    > routes in my pseudo-bridge? If the bridge default route is 10.1.1.1,
    > would all packets that come from the Y interface be redirected to
    > 10.1.1.1? I don't want this...
    > I need to do something that does not change any configuration or change
    > much in this topology.
    > I think I was a bit confusing haha but it was the best way I found to
    > explain my problem...
    > Thank you all!


