Routing Question
Bill Moran
wmoran at collaborativefusion.com
Tue Dec 12 13:45:22 PST 2006
In response to "Bret J Esquivel" <besquivel at immense.net>:
>
> I have a cable modem at my office with a /28 allocated. I have a FreeBSD 6.1
> firewall/router in between the cable modem and the switch to other nodes. My
> question is how could I add static routes to say my web server having an
> external IP address but still going through the firewall box? NAT is not an
> option.
>
> INET (70.164.48.225/28) -> [xl0] Firewall (70.164.48.226) [xl1] -> [xl0] Web
> server (70.164.48.227)
I could have swore that someone else recommended bridging, so I won't
bother to bring it up.
The other option is to set that system up as a router, and build a proper
routing table. Your ISP will need to be involved so they know to route
traffic to your subnet through your gateway system.
You need to enable forwarding in /etc/rc.conf. Then you'll need to
subnet your range properly. Something like:
70.164.48.225/29 -> external
70.164.48.241/29 -> internal
Then set your external interface on the router to 70.164.48.226 and
the internal interface to 70.164.48.242. They you can use
70.164.48.243 - 249 on the inside.
Configuring the FreeBSD machine as a bridging firewall will simplify
the process, however, and is the approach I would recommend.
--
Bill Moran
Collaborative Fusion Inc.
More information about the freebsd-questions
mailing list