Date: Wed, 3 May 2000 10:22:41 -0600 (CST) From: Ryan Thompson <ryan@sasknow.com> To: rpingel@snafu.de Cc: freebsd-questions@freebsd.org Subject: Re: FreeBSD & DSL Message-ID: <Pine.BSF.4.21.0005031012000.13246-100000@ren.sasknow.com> In-Reply-To: <E12mxus-00009O-00@smart.visp-europe.psi.com>
next in thread | previous in thread | raw e-mail | index | archive | help
CC'ed freebsd-questions@freebsd.org Please CC all recipients when replying. rpingel@snafu.de wrote to Ryan Thompson: > Hello Ryan Thompson > > thanks for your quick answer. > > The DSL-Modem is externally and connected through a NIC and ethernet cabling. > > Current configuration: > > DSL-Modem <--> Win NT Workstation <--> internal Net > | ( two NIC's ) ( Server and Workstations ) > | > \- IP over DHCP > > New Configuration: > > DSL-Modem <--> FreeBSD 3.3 <--> internal Net > | ( two NIC's ) ( Server and Workstations ) > | ( Firewall IPFW, NATD ) > | > \- IP fixed or over DHCP It sounds like a relatively simple setup. You have two interfaces... One configured with DHCP (or with a static address), and the other configured on an RFC 1918 address (say, 10.0.0.1). The "Server" on your internal net could be assigned 10.0.0.2. The workstations could be assigned 10.0.0.3, etc. Do you want to enable Internet access for the Workstations? With NAT, it becomes difficult, since you have ONE public address and many private addresses. When packets come in, it is difficult for the NAT machine to determine which machine to route them to. (Since they will be coming in for only one public IP--RFC 1918 addresses are NOT routable through external equipment). So, if you do only have one public IP address, you are going to have to have fun with port based NAT, proxying, and numerous redirects, depending on the services that you wish to allow through with IPFW. What (in detail) do you need to allow through on the workstations? Do you plan to SERVE any requests for these services (either on the FreeBSD machine, or the internal server, or even on the workstations?) Sharing one IP between many computers (more than three, in your case) doesn't work well if the machines share common services, like http or ftp for example. Virtually yours, - Ryan Thompson -- Ryan Thompson <ryan@sasknow.com> Systems Administrator, Accounts Phone: +1 (306) 664-1161 SaskNow Technologies http://www.sasknow.com #106-380 3120 8th St E Saskatoon, SK S7H 0W2 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0005031012000.13246-100000>