Date: Thu, 17 Aug 2000 10:50:56 -0700 (PDT) From: Steve Lewis <nepolon@systray.com> To: cjclark@alum.mit.edu Cc: freebsd-questions@FreeBSD.ORG Subject: Re: Q: network topologies, routing, TCP/IP Message-ID: <Pine.BSF.4.05.10008171037070.4392-100000@greg.ad9.com> In-Reply-To: <20000817004403.F28027@149.211.6.64.reflexcom.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 17 Aug 2000, Crist J . Clark wrote: > > 1) Bind 2 IPs to one interface. I have seen it done in Linux, but I can't > > find a way to do this with FreeBSD in the docs. How can I bind 1.2.3.5 to > > frontline's public interface in addition to it's current IP address? > > Read ifconfig(8), *SMACK* I overlooked that parameter completely. Thank you. > Anyway, I suggest using the 'redirect_address' feature of natd(8). Put > this other box behind the firewall with one of your RFC1918 numbers > and redirect 1.2.3.5 to that machine. I was planning to use redirect_port instead, because there is only a narrow list of ports on that bastion host that I want to be outwardly accessible (port 80 and a couple other web interfaces), but there are more services running on the box for the benefit of those inside the LAN (a RDBMS, source management, etc). I have used redirect_port successfully in the past. Any reason I shouldn't use it here? To review the topology: Internet - firewall dc0-1.2.3.4 dc1-192.168.0.1 - -> ---192.168.0.10 aka 1.2.3.5 - inner_wall ep0-192.168.0.254 ep1-a LAN IP - LAN --Steve To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.05.10008171037070.4392-100000>