[Bug 400] connection tracking does not work on VLANs if underlying interface is a bridge

bugzilla-daemon at bugzilla.netfilter.org
Thu Jun 8 10:04:00 CEST 2006


https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=400





------- Additional Comments From pila at pilasecurity.com  2006-06-08 10:03 MET -------
I had the same trouble yesterday.

It's very useful to have VLANs over bridges. Consider this situation:

1- You have a cluster of firewalls
2- You have a DMZ net with two switches for redundancy
3- You have two NICs on your firewall to connect to each switch
4- You need VLANs to separate the servers from each other on the DMZ

The best resolution is to bridge the two NICs and to create VLANs over bridges.

This is the case we have and where we find the same bug in iptables.

It would be very useful to have this bug resolved.

Bye

Andrea "Pila" Ghirardini




More information about the netfilter-buglog mailing list