From:      avn <avn@any.ru>
To:        <net@freebsd.org>
Subject:   natd/ipfw or something else?
Message-ID:  <Pine.BSF.4.33.0102281310160.3790-100000@srv2.any>

Hello there!

I need to set up the following network:

net A --+
        |                 ------> ISP 1
        v                /
        (if1)GATEWAY(if2)------> ISP 2
        ^            ^   \
        |            |    ------> ISP n
net B --+            |
net C----------------+
....

While net A has normal network addresses, nets B and C have local addresses
(like 10.0.0.0/8) and thus should be diverted on the GATEWAY. The gateway has
two network interfaces, and nets may be attached on both of them. It should be
possible to configure routing to specify which ISP each net is using, e.g.
nets A and B should use ISP 1, while net C should use ISP 2.
I suppose the following:
* having a natd running for each ISP we have
* each natd is configured to use alias which is appropriate for given ISP
  (alias1, alias2)
* allocate different ports for each ISP (as far as I understand, this is
  required by natd) (designated below as port1, port2 etc.)
* the following rules in the firewall
------------------------------------------------------------
fwd ISP1 all from (alias1) to any
fwd ISP2 all from (alias2) to any
...
divert (port1) all from (net B) to any via (if1)
divert (port1) all from any to (alias1) via (if2)
divert (port2) all from (net C) to any via (if2)
divert (port2) all from any to (alias2) via (if2)
...
------------------------------------------------------------

Will this work? Am I missing something, or maybe there is a less ugly way of
setting this up?

Regards,
Alexey.
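
The scheme proposed in the message, written out as a script that emits one natd invocation per ISP plus the numbered ipfw rules; this is an added example, not part of the original e-mail. The policy-table format, all addresses, divert ports, next hops and rule numbers are constructed placeholders, and the fwd rules are numbered after the diverts on the assumption that packets reinjected by natd continue at the rule following the divert rule that matched them.

```shell
#!/bin/sh
# Added example: placeholder addresses, ports and interface names throughout.
# Policy fields: net  inside_if  outside_if  alias  natd_port  isp_next_hop
POLICY='
10.2.0.0/16 if1 if2 192.0.2.10    8668 192.0.2.1
10.3.0.0/16 if2 if2 198.51.100.10 8669 198.51.100.1
10.4.0.0/16 if1 if2 192.0.2.10    8668 192.0.2.1
'

# Reads policy lines on stdin; prints natd commands, then numbered ipfw rules.
gen_gateway_config() {
    seen="" natd="" divert="" fwd="" n=1000 f=2000
    while read -r net in_if out_if alias port hop; do
        [ -z "$net" ] && continue
        case "$seen" in
            *" $port=$alias "*) ;;   # this ISP already has its natd and rules
            *" $port="*)             # same divert port, different alias
                echo "port $port is already bound to another alias" >&2
                return 1 ;;
            *)  seen="$seen $port=$alias "
                natd="${natd}natd -port $port -alias_address $alias
"
                # Replies arriving from the ISP are de-aliased by the same natd.
                divert="${divert}ipfw add $n divert $port all from any to $alias via $out_if
"
                n=$((n + 10))
                # Reinjected packets resume after the divert rule that caught
                # them, so the fwd rules get higher numbers than every divert.
                fwd="${fwd}ipfw add $f fwd $hop all from $alias to any
"
                f=$((f + 10)) ;;
        esac
        divert="${divert}ipfw add $n divert $port all from $net to any via $in_if
"
        n=$((n + 10))
    done
    printf '%s%s%s' "$natd" "$divert" "$fwd"
}

printf '%s' "$POLICY" | gen_gateway_config
```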