From owner-freebsd-questions@FreeBSD.ORG Sat Jun 28 20:00:50 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1A83B37B401 for ; Sat, 28 Jun 2003 20:00:50 -0700 (PDT) Received: from web12006.mail.yahoo.com (web12006.mail.yahoo.com [216.136.172.214]) by mx1.FreeBSD.org (Postfix) with SMTP id AB6804402D for ; Sat, 28 Jun 2003 20:00:49 -0700 (PDT) (envelope-from bsd2000au@yahoo.com.au) Message-ID: <20030629030049.68326.qmail@web12006.mail.yahoo.com> Received: from [203.221.19.168] by web12006.mail.yahoo.com via HTTP; Sun, 29 Jun 2003 13:00:49 EST Date: Sun, 29 Jun 2003 13:00:49 +1000 (EST) From: =?iso-8859-1?q?Keith=20Spencer?= To: Micheal Patterson , freebsd-questions@freebsd.org In-Reply-To: <007801c33dcd$85b07570$0201a8c0@dredster> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Subject: Re: A routing/IP/NIC query < Expert required X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 29 Jun 2003 03:00:50 -0000 Hi Michael, Thanks for the helping hand. I assume (because I did not do it) the modem is NOT in bridge mode. It looks like the last set of instructs you tell me to do is exactly what I need. I will alias the nic to all my 30 addresses and use IPNAT to static NAT map them. I was a bit confused about what to do even though I knew about NAT. I hacked around but still couldn't see the servers behind the firewall. This would also allow me to setup a DMZ I presume. So I might put another NIC in the box and allocate some other private addresses to the facing NICs. Then prick a few holes in the firewall. Hmmm How am I doing now? PS Do I benefit from bridge mode on the modem? Keith --- Micheal Patterson wrote: > > ----- Original Message ----- > From: "Keith Spencer" > To: > Sent: Saturday, June 28, 2003 5:25 PM > Subject: A routing/IP/NIC query < Expert required > > > > Hi all, > > I have a new adsl isp allocating my fbsd 4.7 box a > > routable IP (end user ip) > > I have 32 (read that as 30) ips of my own to use > and > > route for my domain. > > I have 2 NICs in the gateway/router > > How should I setup the IPs and aliases etc. I > > figure... > > (yyy.yyy.yyy.yyy = ISP end user ip they gave me) > > (xxx.xxx.xxx.xx1 = 1st usable ip in my 32 ip > range) > > (xxx.xxx.xxx.xx2 = 2nd usable ip in my 32 ip > range) > > Keith, it depends on what you're really wanting to > do in the end. It also > depends on if the DSL modem/router is in bridge mode > or not. If it isn't, > then the yyy.yyy.yyy.yyy IP may be assigned to the > DSL unit leaving you with > the remaining 30 real IP's for your systems behind > it. > > Assuming that the unit isn't in bridge mode (many > installs aren't) you can > set the FBSD box outside nic (toward the DSL unit) > to the first usable IP of > the range they provided) and configure it for bridge > mode and assign the > remaining IP's to the systems on your lan. > > Assuming that the unit IS in bridge mode, the > external nic would use the > yyy.yyy.yyy.yyy IP and the first usable IP would go > on your internal nic > (facing your lan) on the FBSD box and then you'd > assign the remainder of the > IP's to the systems on your lan. > > Assuming the dsl unit not in bridge mode and you > actually want to use the > 10.x.x.x IP range on the lan computers insteald of > the 30 provided, assign > all of the real IP's provided to the nic facing the > DSL unit and the first > of the 10.x.x.x range you want to use on the FBSD > nic facing your lan, then > configure NAT normally. To allocate traffic for a > real IP to an internal > 10.x.x.x IP for the two live servers, set up a > static nat on the FBSD box > ( -redirect_address 10.x.x.x.x xxx.xxx.xxx.xxx ) > for each of the systems > and they'll be reachable from the outside. > > -- > > Micheal Patterson > Network Administration > Cancer Care Network > 405-733-2230 > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" http://mobile.yahoo.com.au - Yahoo! Mobile - Check & compose your email via SMS on your Telstra or Vodafone mobile.