Building home router: 192.168.0.x to access internet

Nerius Landys nlandys at gmail.com
Sun Aug 9 02:32:31 UTC 2009


I'm setting up my FreeBSD computer (which has multiple NICs) to act as
a home router (and DNS server and a few other things, but that's not
important for this email).  I have done this before, but then my hard
drive broke and I have to do this all again.  So, I have a few
questions just to confirm that my approach to this problem is going to
be the optimal one that I can take.

First, my choice of internal network IP addresses is 192.168.0.x.  My
router machine's IP address will be 192.168.0.254 (that's the
interface facing the internal network).  The IP addresses of the
machines behind the router will start at 192.168.0.2 and go up.  I'm
wondering if this choice of IP addresses is conventional or good.  Is
this numbering scheme decent?  This is the way I had it set up
earlier.  I've seen a lot of networks using 192.168.1.x and the router
would be 192.168.1.1.

So now to the problem of being able to connect from a 192.168.0.x
machine to an outside IP address.  The way I did this before was by
adding 'gateway_enable="YES"' to /etc/rc.conf and then using the
OpenBSD packet filter (pf) to do a NAT thing.  I'm wondering if this,
in your opinion, is the preferred way to do things in order to set up
an internal network which can access the outside internet directly.
If so, can someone give me a really minimal yet secure packet filter
rule set that would do the job? (I'm prepared to read the pf docs,
which will take me a few hours.)  The router will connect to the
outside via DHCP, and from what I remember I had to add a rule to not
drop packets that were DHCP-related.
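
A minimal default-deny pf ruleset for the setup described above, as an added example that is not part of the original post. The interface names em0 and em1 are assumptions; the addresses are the ones given in the message.

```conf
# /etc/pf.conf (constructed example for FreeBSD pf)
#
# Companion lines for /etc/rc.conf:
#   gateway_enable="YES"      # forward packets between the NICs
#   pf_enable="YES"
#   pf_rules="/etc/pf.conf"

ext_if  = "em0"               # assumed name: NIC facing the ISP, DHCP client
int_if  = "em1"               # assumed name: NIC holding 192.168.0.254
int_net = "192.168.0.0/24"

set block-policy drop         # silently drop instead of sending RST/ICMP
set skip on lo0               # do not filter loopback traffic

scrub in all                  # reassemble fragments, normalize packets

# NAT: rewrite internal source addresses to the address ext_if holds.
# The parentheses make pf follow the address when the DHCP lease changes.
nat on $ext_if inet from $int_net to any -> ($ext_if)

# Default deny in both directions; everything below is an explicit exception.
block all

# Drop packets arriving on another interface with an internal source address.
antispoof quick for $int_if inet

# DHCP client traffic on the external interface (server port 67, client 68).
pass in  quick on $ext_if inet proto udp from any port 67 to any port 68
pass out quick on $ext_if inet proto udp from any port 68 to any port 67

# Internal hosts may reach the router (DNS and so on) and the outside.
pass in on $int_if inet from $int_net to any keep state

# Outbound from the router itself and from translated internal hosts.
# No "pass in" exists on $ext_if apart from DHCP, so unsolicited inbound
# connections from the internet are dropped by "block all".
pass out on $ext_if inet proto { tcp, udp, icmp } from any to any keep state
```

`pfctl -nf /etc/pf.conf` parses the file without loading it, which catches syntax errors before the ruleset is applied.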

