Routing Question
Vince Hoffman
jhary at unsane.co.uk
Tue Dec 12 13:44:08 PST 2006
Bret J Esquivel wrote:
> Hi,
>
>
>
> I have a cable modem at my office with a /28 allocated. I have a FreeBSD 6.1
> firewall/router in between the cable modem and the switch to other nodes. My
> question is how could I add static routes to say my web server having an
> external IP address but still going through the firewall box? NAT is not an
> option.
>
>
>
> INET (70.164.48.225/28) -> [xl0] Firewall (70.164.48.226) [xl1] -> [xl0] Web
> server (70.164.48.227)
>
>
Only really one choice if you really don't want NAT (i've run web
servers with a static nat many times though so i wouldn't rule it out if
i were you)
Routing wouldn't work in this scenario as you dont have enough control,
you would have to bridge the interfaces on your firewall. man if_bridge.
Bridging xl0 and xl1 on your firewall will make it act like a 2 port
hub, but pf ,ipfw and ipf can still filter packets going across it.
Personally in this situation i'd just add the IPs to the freebsd box and
set static NATs up for anything that needs to be externally visible but
a bridging firewall should work too.
Vince
>
>
> Thanks in advance.
>
>
>
> Bret
>
>
>
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
>
More information about the freebsd-questions
mailing list