A routing/IP/NIC query < Expert required

Micheal Patterson micheal at cancercare.net
Sat Jun 28 16:32:18 PDT 2003

----- Original Message ----- 
From: "Keith Spencer" <bsd2000au at yahoo.com.au>
To: <freebsd-questions at freebsd.org>
Sent: Saturday, June 28, 2003 5:25 PM
Subject: A routing/IP/NIC query < Expert required

> Hi all,
> I have a new adsl isp allocating my fbsd 4.7 box a
> routable IP (end user ip)
> I have 32 (read that as 30) ips of my own to use and
> route for my domain.
> I have 2 NICs in the gateway/router
> How should I setup the IPs and aliases etc. I
> figure...
> (yyy.yyy.yyy.yyy = ISP end user ip they gave me)
> (xxx.xxx.xxx.xx1 = 1st usable ip in my 32 ip range)
> (xxx.xxx.xxx.xx2 = 2nd usable ip in my 32 ip range)

Keith, it depends on what you're really wanting to do in the end.  It also
depends on if the DSL modem/router is in bridge mode or not. If it isn't,
then the yyy.yyy.yyy.yyy IP may be assigned to the DSL unit leaving you with
the remaining 30 real IP's for your systems behind it.

Assuming that the unit isn't in bridge mode (many installs aren't) you can
set the FBSD box outside nic (toward the DSL unit) to the first usable IP of
the range they provided) and configure it for bridge mode and assign the
remaining IP's to the systems on your lan.

Assuming that the unit IS in bridge mode, the external nic would use the
yyy.yyy.yyy.yyy IP and the first usable IP would go on your internal nic
(facing your lan) on the FBSD box and then you'd assign the remainder of the
IP's to the systems on your lan.

Assuming the dsl unit not in bridge mode and you actually want to use the
10.x.x.x IP range on the lan computers insteald of the 30 provided,  assign
all of the real IP's provided to the nic facing the DSL unit and the first
of the 10.x.x.x range you want to use on the FBSD nic facing your lan, then
configure NAT normally. To allocate traffic for a real IP to an internal
10.x.x.x IP for the two live servers, set up a static nat on the FBSD box
( -redirect_address 10.x.x.x.x  xxx.xxx.xxx.xxx ) for each of the systems
and they'll be reachable from the outside.


Micheal Patterson
Network Administration
Cancer Care Network

More information about the freebsd-questions mailing list