routing problem (with corrected scheme)

Julian Elischer julian at elischer.org
Fri Aug 12 18:58:18 GMT 2005


Donatas wrote:
> hello,
> I am sorry for a previous diagram that got wrapped.
> If someone could take a look at the picture explaining the problem, I would be thankful.
> ftp://temp:temp@217.9.241.242/routing_problem.jpg - 136Kbytes.
> Short description of a problem: I can't find a way to divert or route inbound traffic to a specified ip(vlan) at the IP level.
> 


Do the users have to have real IP addresses or can they have
NAT'd addresses? In other words, do they have INCOMING sessions
or just outgoing sessions?

If the latter then you could put a NATD on each of the vlan
interfaces on the user router, so that the return packets will
automatically go back to the vlan from which they came.

Why do you need DIFFERENT VLANS between the two routers for
data that will eventually go to different places?
Why can't that decision be made on the core router?
Is it just so you can shape traffic between the two routers?

Why not do the shaping on the core router?

Actually you should be able to do it with ipfw's 'fwd' rule
without NAT.


ipfw add 1000 fwd ip4 ip from any to ${USER_NETWORK} in recv em0
ipfw add 1001 fwd ip3 ip from any to ${USER_NETWORK} in recv em1


