From: Donald Burr of Borg
To: FreeBSD Questions
cc: freebsd-net@freebsd.org
Date: Tue, 2 Sep 2003 12:36:29 -0700 (PDT)
Subject: Need help with strange routing situation
Message-ID: <20030902123500.E23798@borg-cube.com>

I recently switched to a new DSL provider (DSLExtreme), and in doing so, decided to opt to buy multiple static IP's. The idea is that I would like one static IP for the server, and separate static IP's for our desktop machines, so that things such as IRC DCC, streaming media, etc. will "just work" and won't require special port forwarding or other such nonsense.

Here's a (really lame) ASCII picture of our setup:

                     [ Server and  ]
[ DSL Modem ]--------[ Gateway box ]-------------[ 10/100 switch ]
ISP provides         it's using IP A               |     |     |
THREE IP's:          provides NAT                  |     |     |
let's call them      for machines                  |     |     |
IP A, IP B, and      that don't       [ My desktop PC]   |     |
IP C                 have their         it uses IP B     |     |
                     own IP                              |     |
                                             [ Roomie's PC ]   |
                                              it uses IP C     |
                                                               |
                                                       [ Wireless WAP ]
                                                . . . . . . . .
                              [ My laptop ] . . [ Roomie's laptop ].
                                          (via wireless)

Note that each machine has its own unique, static private internal IP address (192.168.x.x). Also, the gateway/server machine has 2 interfaces: one connected directly to the DSL modem, and one connected to the internal network. The server is the only thing connected to the DSL modem.

Ideally here's what we'd like to set up:

Our gateway machine and server gets its own IP, IP A. It runs various services (IRC, WWW, FTP, etc.) but IF POSSIBLE I'd also like it to provide NAT for machines that don't have their own IP (i.e. people who visit and bring their laptops).

My desktop machine is hooked up via ethernet. It should get IP B. EVERYTHING that goes to IP B gets forwarded to that machine. This way protocols like Game protocols, ICQ, IRC DCC, VNC, etc. work without having to do port forwarding and other crap. But I do want firewalling for this box, so that, for example, I don't get infected with the Windows Worm of the Day, etc.

Same thing as above for my roomie's desktop, except it gets IP C.

Now the two laptops (as well as any other machines that people bring over when they visit) are a problem. Ideally I'd like them to be NAT'ted behind IP A (the server, which also runs NAT); port forwarding is NOT necessary since we won't ever do anything on those that requires special port forwarding. But they should be firewalled as well.

Ideally I'd like to do this setup on the existing hardware. Right now, the server box is running FreeBSD 4.8.
If this is an unsuitable platform for the setup described above, and if another platform is more suitable (e.g. Linux), I suppose I could switch if necessary, tho that's not the optimal setup (I am very happy with the way FreeBSD works for me).

So, any idea of how to do this? Or do I need to go buy some sort of expensive Cisco box or something? (which would REALLY SUCK...)

Thanks!

--
Donald Burr of Borg | FreeBSD: The Power to Serve!
Website: http://www.borg-cube.com/ | http://www.freebsd.org/
PO Box 91212, Santa Barbara CA 93190-1212 \-----------------------------
Tel: (805)563-0672 ICQ# 16997506 Present Day... Present Time!