[Openvpn-users] Three-way bridge setup

  From: Stefan Bethke <stb@xxxxxxxxxx>
  Date: Mon, 4 Jun 2007 11:25:37 +0200


I'm planning to set up OpenWRT-based routers at three sites, and I'd  
like to bridge together all thee local ethernets.  All three sites  
are behind typical residential DSL links, so I'd like to have a full  
mesh: A talking to B and C, B to A and C, and C to A and B.  I think  
I have figured out the iptables rules for having a local DHCP server  
on each end, and appropriate default gateway settings and such, but  
I'm afraid that the bridging itself might pose a problem.

If I just connect all three together in a bridge, unicast packets  
will be handled without problem, as each bridge will know where each  
MAC lives (local, remate A, or remote B).  However, a multicast or  
broadcast packet will be sent from the local network out to each of  
the two remote networks, where it will be re-transmitted to the other  
node, and so on ad infinitum.

If I enable Spanning Tree Protocol on the bridges, this problem is  
avoided, but all traffic between A and C will go via B (if B is  
established as the STP root node), even though there is a direct link  
between A and C.

I could change to a routed configuration, but that would make certain  
applications more cumbersome.  Is anybody running such a configuration?


Stefan Bethke <stb@xxxxxxxxxx>   Fon +49 170 346 0140

