[fbsd] Virtual Network Interfaces

Jeremie Le Hen jeremie at le-hen.org
Sun Oct 22 09:00:22 PDT 2006


Hi Raymond,

On Mon, Oct 16, 2006 at 02:12:47AM -0400, Raymond Wagner wrote:
> My ISP provides me up to 5 dynamically assigned addresses out of a /20
> block.  I have more than 5 machines on my network, so I have no choice but
> to run NAT, however I would like to force two of those machines onto their
> own external addresses.  If I had static addresses, I could simply alias the
> addresses into the external interface and then use "binat" in pf to redirect
> the traffic. However, the addresses have to be requested from the DHCP
> server, and expire after 4 hours.
> 
> I can get this to work by running the NAT function under QEMU and just
> giving the virtual machine several interfaces bridged to the physical
> external interface.  Running a VM is far from ideal.  Is there any way I
> could set up a virtual network interface that could be bridged to the true
> interface and grab its own DHCP address?

I don't know if that works, but I would try the following setup.
Supposing you have two physical interfaces, an external one (ext0)
and an internal one (int0), I would create a VLAN on int0 for
each machine which has to have its own public address (vlan1
and vlan2) and bridge { ext0, vlan1, vlan2 }.

On Linux, there is an interesting feature that, once two interfaces
are bridged, you can use a tool called "ebtables" to select if a
packet is going to be bridged or routed, depending on layer 2 and
layer 3 information.

(See http://ebtables.sourceforge.net/ebtables-man.html)

Regards,
-- 
Jeremie Le Hen
< jeremie at le-hen dot org >< ttz at chchile dot org >