How to get my Dad's Win2k system to access internet through my
FreeBSD 6.2 system
Da Rock
rock_on_the_web at comcen.com.au
Thu Oct 16 04:26:36 PDT 2008
On Thu, 2008-10-16 at 06:54 -0400, Michael Powell wrote:
> Da Rock wrote:
>
> [snip]
> > I'm assuming the problem with double nat'ing is the confusion in packet
> > traffic. So if the OP is using his ADSL modem to connect to the net,
> > then it could be safe to assume the public IP would be to the modem
> > itself, and not his box (barring the possible use of USB), so then the
> > nat'ing would already be done. Therefore, the best and easiest way would
> > be to simply bridge his interfaces- correct? Less overheads, etc, plus
> > simplicity of setup.
> >
>
> There is another option, a variant of which I use. My el cheapo deluxe DSL
> modem has really crappy broken firewall and DNS implementations. Wireshark
> showed Windows Messenger service spam leaking past and as soon as I saw
> that I assumed it was probably the tip of the iceberg.
>
> You can also bridge the modem (disabling it's NAT as well). In a fully
> bridged configuration your FreeBSD gateway will have to perform PPPoE
> handshake and login as well.
>
Setting up the modem itself this way can be tricky at times, depending
on the model and the service. One gotcha with this method can be if your
ISP is using heartbeat, and so you'll have to either script yourself or
find one that suits.
> I use a second option called split-bridge, which they have named "IP
> Passthrough". This allows the DSL modem to be responsible for the PPPoE
> session. It works by passing the WAN public IP to the Internet facing NIC
> in my FreeBSD box via DHCP. So, while my interior LAN NIC is static, my
> outside NIC is ifconfig_xl0="DHCP". It gets assigned whatever IP Verizon
> sends.
>
Is this also called IP spoofing?
> I just like this particular arrangement better. I run a caching/hybrid DNS
> server on the gateway as well. I've used this configuration for about 2
> years now and it has served me well. I also use ALTQ to prioritize outgoing
> acks, as this seems to be helpful when using asymmetric DSL.
>
Sounds very stable- I might have to look into the ALTQ (one day, when I
finally get through my other projects... :) ).
More information about the freebsd-questions
mailing list