Date: Wed, 20 Oct 1999 00:26:24 -0400 (EDT)
From: Barrett Richardson <barrett@phoenix.aye.net>
To: FreeBSD -- The Power to Serve <geniusj@suarez.bestweb.net>
Cc: FreeBSD -- The Power to Serve <geniusj@phreebsd.org>, questions@freebsd.org, isp@freebsd.org
Subject: Re: quick gated questions
Message-ID: <Pine.BSF.4.01.9910192342450.26761-100000@phoenix.aye.net>
In-Reply-To: <Pine.LNX.4.10.9910192023360.13593-100000@phreebsd.org>
On Tue, 19 Oct 1999, FreeBSD -- The Power to Serve wrote:

> Aye, but I want to use SEPARATE routers for each device.. It's a must
> since each connection has filters upstream to prevent use of other IP
> addresses that aren't on their network (spoof protection), therefore they
> must each be using their own network, so they can't all use the same
> network..
> Thanks in advance (again)
> Jason DiCioccio

Ok. Here's what I think I understand of your problem.

You are direct connected to subnet 208.45.16.x/y and there is a gateway on that subnet, 208.45.16.248, beyond which is a larger network I'll call A. You are also direct connected to a subnet 205.252.42.x/y and the gateway on that network, 205.252.42.97, connects to a larger network I'll call B. A filters B, and B filters A.

For accesses to your box that originate on network A, you need the return traffic to go back to A via 208.45.16.248. Likewise, you need packets that are return traffic to network B to exit your topology via 205.252.42.97. Am I right?

To do this, your box must know the subnets that are both in network A, and network B. You need static routes for each of them, or your box must learn them via a routing protocol. Also, you must take care that your applications are not bound to a particular IP address or the return traffic to one of the networks will have a filtered IP address.

Alternatively, you may be able to use ipfw and rule based forwarding as a means to the end. Say your box's IP addresses are 208.45.16.a and 205.252.42.b. You apply a rule that forwards packets with a source address of 208.45.16.a to 208.45.16.249. You apply another rule that forwards packets with a source address of 205.252.42.b to 205.252.42.97. You may want to have some extra rules to ensure that traffic destined to the attached subnets doesn't get bounced off the routers.

- Barrett

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
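Added example, not part of the message above and not the poster's own configuration: a shell script that generates ipfw rules for the source-address forwarding the reply describes, with the attached-subnet rules placed ahead of the `fwd` rules. The addresses are constructed from the RFC 5737 documentation ranges, and the /24 prefixes, rule numbers and function names are assumptions.

```shell
#!/bin/sh
# One uplink per line: LOCAL_IP ATTACHED_NET GATEWAY (constructed sample values).
UPLINKS='192.0.2.10 192.0.2.0/24 192.0.2.1
198.51.100.10 198.51.100.0/24 198.51.100.1'

is_ipv4() {
    # Accept only dotted quads with every octet in 0..255.
    echo "$1" | awk -F. 'NF!=4{exit 1} {for(i=1;i<=4;i++) if($i!~/^[0-9]+$/||$i>255) exit 1}'
}

# emit_ruleset UPLINKS: print the ipfw commands for review instead of running them.
emit_ruleset() {
    uplinks=$1 n=1000
    # Refuse to emit anything if any address is malformed.
    while read -r ip net gw; do
        is_ipv4 "$ip" && is_ipv4 "${net%/*}" && is_ipv4 "$gw" ||
            { echo "bad uplink line: $ip $net $gw" >&2; return 1; }
    done <<EOF
$uplinks
EOF
    # Pass 1: destinations on an attached subnet are delivered directly,
    # so they must match before any fwd rule. "allow" ends rule evaluation:
    # keep these after any deny rules you depend on.
    while read -r ip net gw; do
        echo "ipfw add $n allow ip from any to $net"
        n=$((n + 10))
    done <<EOF
$uplinks
EOF
    # Pass 2: everything else leaves via the gateway of the network that owns
    # the packet's source address, so the upstream anti-spoof filter accepts it.
    while read -r ip net gw; do
        echo "ipfw add $n fwd $gw ip from $ip to any"
        n=$((n + 10))
    done <<EOF
$uplinks
EOF
}

emit_ruleset "$UPLINKS"
```

On FreeBSD releases of this era the `fwd` action only works on a kernel built with `options IPFIREWALL_FORWARD`. After loading the rules, `ipfw -a list` shows per-rule packet counters, which confirms that each `fwd` rule is matching the traffic you expect.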