Bridge configuration

Aleksej Lebedev root at zta.lk
Mon Oct 16 07:06:18 PDT 2017


Hi, everone!

My question is not really specific to Dragonfly, but that's the system 
I'm using so I decided to ask here.

I am renting a dedicated server on hetzner.de that runs Dragonfly. It 
has 2 static IPv4.
One is for the physical NIC and the other is for the system running as a 
vkernel. Both interfaces
are connected to a bridge.

The problem is that according to the FreeBSD handbook (I couldn't find 
the info on Dragonfly's handbook)
the NIC's IP should actually be assigned to the bridge interface not to 
the NIC's one:

(From here: https://www.freebsd.org/doc/handbook/network-bridging.html)

Which causes IP packets leaving the system have source MAC of the bridge 
interface, not the real NIC's one.

That wouldn't (and didn't) bother me for a few years, but recently 
hetzner decided to implement traffic filtering
based on mac addresses (and of course they did it without notifying me, 
but that's another problem).

So now I lost the access to my server via it's primary IPv4. IPv6 and 
vkernel's IPv4 are still working though.

My question is why is it recommended to assign IP to the bridge instead 
of the real NIC?
To me it makes little sense. Especially considering the fact that the 
other interface (the one that is connected to vkernel)
is assigned a separate IP and works perfectly.

Is it correct suggestion at all? If so what is the reasoning behind it? 
And what will happen if I assign IP to the real NIC interface?

Thanks so much in advance!

-- 
Aleksej Lebedev



More information about the Users mailing list