Re: natd question

Jamie Bowden Tue, 19 Oct 1999 10:06:35 -0700
On Tue, 19 Oct 1999, Brian Beattie wrote:

:On Tue, 19 Oct 1999, Nick Rogness wrote:
:
:> On Tue, 19 Oct 1999, Zuidam, Hans wrote:
:> 
:> > I want to set up a test network which (partly) mirrors our production
:> > side network. To match reality as close as possible we keep the IP
:> > addresses in the test network the same as in the production network.  In
:> > order not to run around with tapes between the two networks, I would like
:> > to create the following setup:
:> > 
:> >        (~~~~~~~~~~)                                 (~~~~~~~~~~)
:> >       (            )          +---------+          (            )
:> >      +              +         |         |         +              +
:> >     ( 130.144.120/22 ) ------ | FreeBSD | ------ ( 130.144.120/22 )
:> >      +    (real)    +         |         |         +    (test)    +
:> >       (            )          +---------+          (            ) 
:> >        (~~~~~~~~~~)                                 (~~~~~~~~~~)
:> 
:> 
:>      You can't split 2 identical networks, with identical
:>      netmasks across 2 interfaces unless you are running some sort of
:>      BRIDGE or transparent proxy support. Even then, if you have the
:>      same IP's on both networks you will run into problems with routing
:>      and ARP entries on the FreeBSD machine.
:> 
:>      If you are looking to connect the 2 networks together, run a
:>      different ip range on the (test) network, like the 10.0.0.0
:>      or 192.168 network. If you are not connecting to the internet then
:>      you will not need to run NATD, just make sure that the
:>      gateway address of the machines on both sides are pointing to the
:>      corresponding FreeBSD interface IP.
:> 
:>
:
:How about:
: 
:        (~~~~~~~~~~)                                     (~~~~~~~~~~)
:       (            )      +-------+      +-------+     (            )
:      +              +     |       |      |       |    +              +
:     ( 130.144.120/22 ) -- |FreeBSD| ---- |FreeBSD| --( 130.144.120/22 )
:      +    (real)    +     |       |      |       |    +    (test)    +
:       (            )      +-------+      +-------+     (            ) 
:        (~~~~~~~~~~)                                     (~~~~~~~~~~)
:
:Using 10.0.0.0 on the network in the middle

You're going to have to work some magic even for that.  You've got two
boxes who both think 130.144.120/22 is a directly connected network.
Routing to the other network without confusing your routers is going to be
tricky, if it's even possible.

Jamie Bowden

-- 

If we've got to fight over grep, sign me up.  But boggle can go.
        -Ted Faber (on Hasbro's request for removal of /usr/games/boggle)



To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
Re: natd question

Reply via email to
