    I have a problem bridging two networks and having the bridge host get its IP using DHCP.


    1 physical server (Windows Server 2008 R2 with Hyper-V).
    One network uplink with a remote DHCP server.

    On it runs:

    1 Zeroshell firewall/bridge (virtualized)
    2+ virtual servers.


    The physical server, Zeroshell and virtual servers get their network configuration from the remote DHCP server. The virtual servers are on their own network (LAN). The LAN network is connected to Zeroshell. The uplink (WAN) is connected to the server host and to Zeroshell.

    In Hyper-V I have allowed both interfaces (WAN and LAN) given to Zeroshell to spoof MAC addresses.

    I have configured the bridge in Zeroshell to use both nics.

    What works:

    All servers and zeroshell get IP configuration so some communication works.

    But the virtual servers cannot make IP communication.

    The reason seems to be the routing information on the bridge host. All machines get a 10.10.150.* address and should be considered being on the same network.

    Destination      Netmask       Type  Metric Gateway     Interface Flags State Source
    DEFAULT GATEWAY Net 0 BRIDGE00 UG Up Auto Net 0 none BRIDGE00 U Up Auto

    So, if I ping a virtual server from the bridge (e.g. on the LAN), it gets routed to the WAN side.

    What is the best way to have this work? If it is possible, that is. I do need to use DHCP to open the IP assignment…


    With numbers:

    Host: (*.107 for short)
    ZeroShell: (*.111)
    Virtual PC: (*.108)

    I can ping *.107 from *.111 and also the other way.

    But when I ping *.108 from *.107, I get this:

    PING ( 56(84) bytes of data.
    Ping icmp_seq=9 Destination Host Unreachable
    Ping icmp_seq=10 Destination Host Unreachable
    Ping icmp_seq=11 Destination Host Unreachable

    When pinging from *.108 to *.107 I get this:

    PING ( 56(84) bytes of data.
    Reply from Destination Host Unreachable
    Reply from Destination Host Unreachable

    When pinging from *.108 to *.111 I get this:

    Pinging with 32 bytes of data
    Request timed out.
    Request timed out.

    I have tried to remove the IP configuration from the bridge, but then nothing works. I have tried static IP configuration but again nothing works.

    Is this a problem with my setup or is the problem with Zeroshell?


    I gave up and installed Ubuntu 12.04 LTS with the zentyal-network package. It also gives online configuration of networks and it worked perfectly the first time. I don’t know why I couldn’t make it work with Zeroshell… I really tried a lot.

    But be warned if you are going this way: I upgraded with the latest zentyal packages (from outside Ubuntu’s repository) and it ruined my Ubuntu install, leaving it with no network connections and dbus errors. But plain Ubuntu 12.04 LTS bridging worked but the firewall didn’t seem to work.

