Virtual Network Interfaces

Jeremie Le Hen jeremie at
Mon Oct 23 09:47:07 UTC 2006


On Sun, Oct 22, 2006 at 06:01:03PM +0200, Jeremie Le Hen wrote:
> On Mon, Oct 16, 2006 at 02:12:47AM -0400, Raymond Wagner wrote:
> > My ISP provides me up to 5 dynamically assigned addresses out of a /20
> > block.  I have more than 5 machines on my network, so I have no choice but
> > to run NAT, however I would like to force two of those machines onto their
> > own external addresses.  If I had static addresses, I could simply alias the
> > addresses into the external interface and then use "binat" in pf to redirect
> > the traffic. However, the addresses have to be requested from the DHCP
> > server, and expire after 4 hours.
> > 
> > I can get this to work by running the NAT function under QEMU and just
> > giving the virtual machine several interfaces bridged to the physical
> > external interface.  Running a VM is far from ideal.  Is there any way I
> > could set up a virtual network interface that could be bridged to the true
> > interface and grab its own DHCP address?
> I don't know if that works, but I would try the following setup.
> Supposing you have two physical interfaces, an external one (ext0)
> and an internal one (int0), I would create a VLAN on int0 for
> each machine which has to have its own public address (vlan1
> and vlan2) and bridge { ext0, vlan1, vlan2 }.

I thought of another way this morning in my bathroom, which is far
neater, though I've not tested it.

First use if_bridge(4) to mingle ext0 and int0, then use the MAC
addresses to let through only the machines that are supposed to have
a public IP address; the others will have to use your FreeBSD as a
default gateway.

Jeremie Le Hen
< jeremie at le-hen dot org >< ttz at chchile dot org >

More information about the freebsd-net mailing list