From owner-freebsd-questions Sun Jul 22 21:41: 6 2001 Delivered-To: freebsd-questions@freebsd.org Received: from mail.tecdigital.net (tecdigital.tol.itesm.mx [132.254.97.16]) by hub.freebsd.org (Postfix) with SMTP id 72ADE37B407 for ; Sun, 22 Jul 2001 21:41:00 -0700 (PDT) (envelope-from madd@tecdigital.net) Received: (qmail 2091 invoked from network); 23 Jul 2001 04:40:58 -0000 Received: from unknown (HELO Valk) (madd@148.243.246.74) by tecdigital.tol.itesm.mx with SMTP; 23 Jul 2001 04:40:58 -0000 Message-ID: <000101c11331$ab7f5aa0$0a00a8c0@Valk> From: "Mario Doria" To: "The Psychotic Viper" Cc: "FreeBSD Questions" References: Subject: Re: FBSD box between cisco and clients Date: Sun, 22 Jul 2001 23:29:15 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4522.1200 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG I dont know if you can enable a bridge in fbsd and also use the dummynet device to curve bandwidth, but what about a bridge without ips, running ipfw to curve the user's bandwidth as desired. Also, it can protect clients from attacks coming from the net. ----- Original Message ----- From: "The Psychotic Viper" To: "Gideon" Cc: Sent: Sunday, July 22, 2001 11:26 pm Subject: Re: FBSD box between cisco and clients > Hi, > > On Mon, 23 Jul 2001, Gideon wrote: > > > At this moment our network looks like this : > > > > Clients - Cisco Router - Internet > > > > I want to do the following > > > > Clients - FBSD - Cisco - Internet > any more info on connectivity, i.e. any routers,hubs between the fbsd box > and the client machines? > > > Every machine above including the clients have public ip's . The reason i > > need to do this is i need to do bandwidth limiting with the freebsd box thus > > the clients must not be able to access the cisco directly . also all the > > machines above must be on one subnet . > Well what I do is setup the FreeBSD box as a firewall to pass out data > from ur internal (translates as client in ur case) network (via NAT). They > can keep their IPs just need their gateway changed. So in essence a > transparent NAT gateway/firewall. > > > I was wondering whot will be the best way of doing this ? Also sum > > documentation references would be much appreciated . Also whot software > > should i use for bandwidth capping ? IPFW or ALTQ or ne other ? > as for the rate limiting DUMMYNET works good in my experiences. > > > PsyV > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message