Date: Tue, 24 Oct 2000 12:48:11 -0400
From: "Elliott Perrin" <eperrin@bigorbit.com>
To: <freebsd-net@freebsd.org>
Subject: Three interface routing problem
Message-ID: <01a101c03dda$32423ae0$0c01a8c0@bottleneck2000>

Wondering if anyone can shed some light on how to do this properly.

I am using FreeBSD 4.0 on a machine configured as a firewall. I have been trying to set it up so that I can have three interfaces, one to live web servers, one to carrier and one to LAN.

Current interface configuration is

xl0 192.168.1.1 netmask 255.255.255.0
xl1 xxx.xxx.xxx.115 netmask 255.255.255.248
xl2 xxx.xxx.xxx..129 netmask 255.255.255.240

xl2 goes to carrier, xl1 goes to web servers (DMZ), and xl0 is pretty obvious. The first three octets of xl1 and xl2 are the same.

Here is the problem experienced: when I connect the network to xl0, the local LAN can reach our DMZ, but cannot reach the Internet. The web servers remain live to the Internet and to the LAN, and I can reach the outside world from the web servers.

I have done this with all ipfw rules flushed to be sure that is not the ruleset, and NATD is running in -u with the address of the xl2 interface (out to carrier) specified as the address to translate to.

Within Sysctl

net.inet.ip.fw.enable: 1
net.inet.ip.fw.one_pass: 1

Any hints as to what I am missing, I figure I gotta be missing something here.

Cheers
________________________________________
Elliott Perrin
eperrin@bigorbit.com
[t] 416.516.0705 ext 25
[f] 416.516.9256