I'm trying to create a transparent bridging firewall with a NIC at one end
and PPPoE(4) at the other end. In this case I'm using OpenBSD 4.4-CURRENT
sparc (same thing happens on 4.2) on a sparcstation 10 with quad ethernet
(qe - 10Mb).
The problem is that the bridge cannot be established, probably because the
MTUs do not match.
The MTU of qe(0 to 3) is 1500.
The MTU of pppoe0 (established via pppoe(4)) is 1492
I can't change the MTU of qe0-3.
There's an overhead of 8 bytes in PPPoE - does this therefore mean it can
never go above 1492?
The MTU of pppoe can be modified, but only to 1492 or lower.
Additionally I am confused by the OpenBSD 4.4 changelist item :
'Adapt maximum permitted MTU on pppoe(4) to the MTU of the connected
Ethernet/VLAN interface.'
This, to me, potentially indicates that the MTU of pppoe could be matched to
the MTU of the NIC (although, is this perhaps limited by the fact that to do
so it would need 1500+8 bytes of overhead, and thus blow the 1500 Ethernet
MTU limit?). I tried applying 4.4-CURRENT and the MTU of pppoe stays at
1492.
Any solution? Find a NIC which can have its MTU lowered, perhaps?
Also, even if I could get the MTUs to match, bridge complains on startup
because pppoe0 does not yet exist. Is there a more elegant solution than a
shellscript with a delay and a series of brconfig commands to fix this?
Cheers!
Peter
