A routing/IP/NIC query < Expert required
Keith Spencer
bsd2000au at yahoo.com.au
Sat Jun 28 20:00:50 PDT 2003
Hi Michael,
Thanks for the helping hand.
I assume (because I did not do it) the modem is NOT in
bridge mode.
It looks like the last set of instructs you tell me to
do is exactly what I need.
I will alias the nic to all my 30 addresses and use
IPNAT to static NAT map them. I was a bit confused
about what to do even though I knew about NAT. I
hacked around but still couldn't see the servers
behind the firewall.
This would also allow me to setup a DMZ I presume.
So I might put another NIC in the box and allocate
some other private addresses to the facing NICs.
Then prick a few holes in the firewall.
Hmmm How am I doing now?
PS Do I benefit from bridge mode on the modem?
Keith
--- Micheal Patterson <micheal at cancercare.net> wrote:
>
> ----- Original Message -----
> From: "Keith Spencer" <bsd2000au at yahoo.com.au>
> To: <freebsd-questions at freebsd.org>
> Sent: Saturday, June 28, 2003 5:25 PM
> Subject: A routing/IP/NIC query < Expert required
>
>
> > Hi all,
> > I have a new adsl isp allocating my fbsd 4.7 box a
> > routable IP (end user ip)
> > I have 32 (read that as 30) ips of my own to use
> and
> > route for my domain.
> > I have 2 NICs in the gateway/router
> > How should I setup the IPs and aliases etc. I
> > figure...
> > (yyy.yyy.yyy.yyy = ISP end user ip they gave me)
> > (xxx.xxx.xxx.xx1 = 1st usable ip in my 32 ip
> range)
> > (xxx.xxx.xxx.xx2 = 2nd usable ip in my 32 ip
> range)
>
> Keith, it depends on what you're really wanting to
> do in the end. It also
> depends on if the DSL modem/router is in bridge mode
> or not. If it isn't,
> then the yyy.yyy.yyy.yyy IP may be assigned to the
> DSL unit leaving you with
> the remaining 30 real IP's for your systems behind
> it.
>
> Assuming that the unit isn't in bridge mode (many
> installs aren't) you can
> set the FBSD box outside nic (toward the DSL unit)
> to the first usable IP of
> the range they provided) and configure it for bridge
> mode and assign the
> remaining IP's to the systems on your lan.
>
> Assuming that the unit IS in bridge mode, the
> external nic would use the
> yyy.yyy.yyy.yyy IP and the first usable IP would go
> on your internal nic
> (facing your lan) on the FBSD box and then you'd
> assign the remainder of the
> IP's to the systems on your lan.
>
> Assuming the dsl unit not in bridge mode and you
> actually want to use the
> 10.x.x.x IP range on the lan computers insteald of
> the 30 provided, assign
> all of the real IP's provided to the nic facing the
> DSL unit and the first
> of the 10.x.x.x range you want to use on the FBSD
> nic facing your lan, then
> configure NAT normally. To allocate traffic for a
> real IP to an internal
> 10.x.x.x IP for the two live servers, set up a
> static nat on the FBSD box
> ( -redirect_address 10.x.x.x.x xxx.xxx.xxx.xxx )
> for each of the systems
> and they'll be reachable from the outside.
>
> --
>
> Micheal Patterson
> Network Administration
> Cancer Care Network
> 405-733-2230
>
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
>
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
"freebsd-questions-unsubscribe at freebsd.org"
http://mobile.yahoo.com.au - Yahoo! Mobile
- Check & compose your email via SMS on your Telstra or Vodafone mobile.
More information about the freebsd-questions
mailing list