Date:      Tue, 12 Dec 2000 01:10:42 -0800
From:      "Crist J. Clark" <cjclark@reflexnet.net>
To:        Danny Pansters <danny@ricin.com>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: Configuring Gateway/NAT on Freebsd -- different networks?
Message-ID:  <20001212011042.A96105@149.211.6.64.reflexcom.com>
In-Reply-To: <00121203245500.28610@ricin.localnet>; from danny@ricin.com on Tue, Dec 12, 2000 at 03:24:55AM +0100
References:  <Pine.BSF.4.10.10012101425590.91853-100000@www.newsindex.com> <20001210150314.P96105@149.211.6.64.reflexcom.com> <00121203245500.28610@ricin.localnet>

On Tue, Dec 12, 2000 at 03:24:55AM +0100, Danny Pansters wrote:
> Having read the discussion so far I wonder: isn't the problem related to 
> having your dsl link plugged into your hub. I have cable, not DSL, but in my 
> case I definitely can't plug my cable link in my hub and it would magically 
> connect to my internally networked boxes.
> 
> Now I'm not an expert on this, but my guess would be your DSL provider uses 
> DHCP like my cable provider does and that you prefer to configure your 
> ethernet interface statically like I do too.

I had a static IP back when I had @Home cable in NJ. This does vary
from provider to provider.

> My next guess would be that your 
> provider requires a box (ethernet card) not some sort of bridge (your 
> hub) to tell them it's present, yell at their router and ask for name 
> resolving etc. Your hub can't do that.

Your modem does not know what type of device it is plugged into, nor
can it care. Ethernet is Ethernet. Many modems will only talk to a
single device, but there is no way for a modem to know if it is
plugged into the upload port of a hub or if it is plugged into a
NIC. (Well, I guess it could potentially detect full- versus
half-duplex, but since some NICs don't do full-duplex and I seem to
recall my old coax modem didn't talk full-duplex either, that would
not be a surefire test.)

> It just doesn't seem logical to me that it would work the way you're trying.

At one point, didn't he say that the gateway box could get out on the
Internet? That would imply that there is not a problem with the
gateway and the modem.

That said, what the heck is the precise physical setup? I'm really
confused since you were originally talking about tun0, but it turns
out we don't seem to have any serial lines involved after all?

> And why use the 172.16 range and not the 192.168 which is a c class so the 
> netmask one would guess would actually be the right one? why complicate 
> things.

The Internet has been classless for a long time now. Everyone should
feel free to use any RFC1918 block that tickles their fancies. The
less possibility for accidental spoofs and similar problems. Go ahead
and use 10.x.x.0/27 blocks or whatever.

> I've worked with a small ISP for over a year (they used Debian Linux) and we 
> used the multiple IP#'s on interfaces for apache to have separate IP numbers 
> for our clients' websites, before we switched to virtual hosting. But in 
> those cases all the eth0:1 .. eth0:n interfaces were on the same network as 
> the eth0 (replace eth with xl if you like). Maybe it could work if you'd find 
> a supernet/mask that includes both your dsl IP# and your local IP range, if 
> possible??

That would be bad. You're telling him to try to use registered
addresses that are not registered to him?

> I'd be interested in hearing what other people think, I've often wondered 
> about how far one can take this "interface splitting".

Take it wherever you want. We have this absolutely chaotic setup at
work. We have a contiguous block of 4 Class C blocks. But one is not
actually connected to the Internet... except for a few addresses. We
have 8 more Class C blocks not connected to the Internet... except for
a few addresses. We also are using several Class C's in the
192.168.0.0/16 block as well as a bunch of Class C-sized ones from
172.16.0.0/12. Oh, yeah, there is another Class C and a piece of yet
another Class C, but those are different subnets, our extranets.

But here's the fun part. Almost this whole friggin' thing is
switched. Pretty much all internal traffic that is not on one logical
net goes to the router which bounces it back out the same
interface. But what this means is when I am doing something where I
need to be local (e.g. Jumpstarting a Sun box), all I need to do is
alias the NIC to an address local to that machine. If I don't clean
extra addresses off of some machines that I use for this kind of
stuff, they can start to collect a lot of numbers.
-- 
Crist J. Clark                           cjclark@alum.mit.edu
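
Added example, not part of the original message: a Python sketch of why a single supernet/mask spanning both a public DSL address and a private LAN range claims registered address space that belongs to others. The DSL address 198.51.100.10 and the LAN 172.16.0.0/24 are constructed sample values, and the function names are hypothetical.

```python
import ipaddress

# The three RFC 1918 private blocks (disjoint from one another).
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def covering_supernet(*nets):
    """Smallest single prefix that contains every given network."""
    nets = [ipaddress.ip_network(n, strict=False) for n in nets]
    candidate = nets[0]
    # Widen the prefix one bit at a time until it covers all inputs.
    while not all(n.subnet_of(candidate) for n in nets):
        candidate = candidate.supernet()
    return candidate

def foreign_addresses(net):
    """Count addresses in net that lie outside RFC 1918 space."""
    private = 0
    for block in RFC1918:
        if block.subnet_of(net):      # whole private block is inside net
            private += block.num_addresses
        elif net.subnet_of(block):    # net is entirely private
            private += net.num_addresses
    return net.num_addresses - private

if __name__ == "__main__":
    # Constructed sample values: a public DSL address and a private LAN.
    dsl, lan = "198.51.100.10/32", "172.16.0.0/24"
    both = covering_supernet(dsl, lan)
    print(both, "covers", foreign_addresses(both), "non-private addresses")
    # A private /27 on its own claims nothing outside RFC 1918 space.
    small = covering_supernet("10.1.2.0/27")
    print(small, "covers", foreign_addresses(small), "non-private addresses")
```
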

