From owner-freebsd-questions Sat Mar 15 1:29:21 2003
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3AE6537B401 for ; Sat, 15 Mar 2003 01:29:19 -0800 (PST)
Received: from saexchange.softwarealternative.com (saexchange.softwarealternative.com [66.45.84.192]) by mx1.FreeBSD.org (Postfix) with SMTP id 8309C43F75 for ; Sat, 15 Mar 2003 01:29:18 -0800 (PST) (envelope-from peter@kuyarov.org)
Received: (qmail 56890 invoked from network); 15 Mar 2003 09:18:56 -0000
Received: from 12-235-230-177.client.attbi.com (HELO server.home.pk) (12.235.230.177) by saexchange.softwarealternative.com with SMTP; 15 Mar 2003 09:18:56 -0000
Date: Sat, 15 Mar 2003 02:33:06 -0700
From: Peter
To: freebsd-questions@freebsd.org
Subject: Re: fbsd box as router AND natd
Message-Id: <20030315023306.385dc833.peter@kuyarov.org>
In-Reply-To: <3E72975E.1040506@potentialtech.com>
References: <20030314223344.54713.qmail@saexchange.softwarealternative.com> <3E726A3D.8010405@potentialtech.com> <44n0jxpjzw.fsf@be-well.ilk.org> <3E72975E.1040506@potentialtech.com>
X-Mailer: Sylpheed version 0.8.6 (GTK+ 1.2.10; i386-portbld-freebsd5.0)
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID:
List-Archive: (Web Archive)
List-Help: (List Instructions)
List-Subscribe:
List-Unsubscribe:
X-Loop: FreeBSD.ORG

On Fri, 14 Mar 2003 22:00:46 -0500
Bill Moran wrote:

> Lowell Gilbert wrote:
> > Bill Moran writes:
> >
> >
> >>fbsdq wrote:
> >>
> >>>Hello,
> >>> I was wondering if this is possible and how to do it. I just got
> >>>a t1 installed with limited IP's. I want my FreeBSD box to act as a
> >>>router to all those office pc's with my limited public IP's, and
> >>>when I run out of those I want it to also act as a natd box to my
> >>>10.x.x.x ip addresses. Do I need three nics to get this done? One
> >>>for outside interface, one for public ip inside interface [router],
> >>>and a third one for inside public ip interface [natd]? I know how
> >>>to do natd, but for it to act as a router what do I need in
> >>>/etc/rc.conf, will just gateway_enable=YES do? or do I need to run
> >>>routed?
> >>
> >>Yes, you can do this. No, you don't need two network cards.
> >
> >
> > You *should* have two. You don't need three, though. [You could do
> > it with one, but your ISP would have a right to be annoyed with you.]
>
> My typo. I meant you don't need _three_.
> Thanks for straightening me out, Lowell.
>
> --
> Bill Moran
> Potential Technologies
> http://www.potentialtech.com

Replying to my own post but heck live and learn...

I think I figured the best way to do this would be thru bridging, it gives my FreeBSD box an opportunity to act as a firewall [don't need a router] for the office pc's with public ip's without the need for subnetting, and I think I would be able to also do natd on this box thru the outside interface. This way internet can pass thru my firewall and reach the internal machines with public ip's, and when I run out of those I'll use private 10.x.x.x ip's and just do natd on them thru the same firewall/bridge....Does this setup sound sane/plausible?

        internet
           |
           |
  T1 Connection/Router
           |
           |
FreeBSD Firewall/Natd Bridge
           |
           |
Internal Lan with both public and private IP's

now to wait until Monday.......all this excitement and nothing to break.

-------------
---FreeBSD The Power To Serve---

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message