Maxim Khitrov wrote:
On Wed, Sep 9, 2009 at 3:03 PM, Matthew
Seaman<m.sea...@infracaninophile.co.uk> wrote:
Maxim Khitrov wrote:

Am I correct in assuming that I just need to add four
ifconfig_vr0_alias[0-3] lines to rc.conf? What happens if in the
future we get a much bigger IP block, is there a more efficient way of
accomplishing the same thing? I don't actually want the firewall to
consider itself the final destination for any of the additional IPs,
it just needs to pass them to pf for nat and filtering.
Assuming your assigned network is 192.0.2.24/29:

ipv4_addrs_vr0="192.0.2.25-30"

See rc.conf(5) for details.

       Cheers,

       Matthew

Thanks! I looked through /etc/defaults/rc.conf and somehow missed
ipv4_addrs. So if I understand the man page correctly, a single
ipv4_addrs_vr0="x.x.x.9-13/29" line can replace both the aliases and
the one ifconfig_vr0 line. Is that correct? I'm not certain because
the man page states that "an ifconfig_<interface> variable is also
assumed to exist for each value of interface," but everything seems to
be working fine without it.

Correct.  However, the only things you can set with ipv4_addrs_ifX are
IP numbers and netmasks.  If you want to use DHCP or WPA or to fix the
port to a particular duplex setting or to toggle various other controller
specific settings, then the ifconfig_ifX{,_aliasY} variables are your
friends.

You can combine both variable forms for configuring the same interface,
although this works best if you do all alias IP setup using ipv4_addrs_ifX
and just use ifconfig_ifX to set general properties on the interface.


        Cheers,

        Matthew

--
Dr Matthew J Seaman MA, D.Phil.                   7 Priory Courtyard
                                                 Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey     Ramsgate
                                                 Kent, CT11 9PW

Attachment: signature.asc
Description: OpenPGP digital signature

Reply via email to