Hi this is David, please know I posted this today on OpenBSD.org "misc" list - I hope this is not considered 'cross-posting' if I tell you that first, so as to warn you so you don't bother with answering me on both lists.
***
I really need help, pf gurus!
I'm ok with setting up hosts on an existing network, as I'm familiar with the basics of DNS, DHCP, etc. But now I am trying to solve a problem on a friend's network and it looks to me like pf would be a wonderful solution, and I want to know if you think this would work, and also I have questions about setting up the interfaces on the OpenBSD/pf box.
Here is the setup:
3 Computers on Ethernet LAN to Netgear RP614v2, Cable/DSL Gateway/Router/Switch (Firmware v. 5.13) and this attached to DSL modem.
Cisco ATA186 (Analog Telephone Adaptor) used with a service that connects telephones into ethernet (VOIP). This device attached to phone and ethernet to the Netear router.
Here is the problem:
When using the phone or fax over the Cisco ATA186 it works fine UNTIL there is any other traffic from the computers. Not sure if problem with traffic on LAN, but definitely when there is simultaneous traffic to or from Internet to any of the computers, the voice in the phone to the Cisco ATA186 gets choppy and a fax can even get dropped.
Proposed solution - will this work?
Seems that using an OpenBSD box with 2 NICs, I could configure pf as NAT router/firewall, and also give priority to the VOIP traffic (the Cisco box is using DHCP server in the Netgear router but I can change it to fixed IP address to aid filtering by pf). This way, I would be replacing the Netgear router, and fixing the problem with the choppy voice or dropped faxes. I may need a switch going from the pf box to the computers, to handle the multiple ports. Does this sound feasible?
SPECIFIC QUESTIONS (assuming the above is feasible)...
One of the interfaces on pf box would be configured for using DHCP, and be connected to the DSL router. This would be like the present connection between Netgear router and DSL modem.
The other interface is where I am having a bit of difficulty in understanding. I am so used to working with hosts set up as DHCP clients, that I'm having hard time seeing what to do with configuring the settings for the LAN side of the pf box. Specifically, since the LAN is a workgroup and not a domain, and I want to make the pf box be the DHCP server on the LAN side, what should I answer to these parameters:
DNS domain name? (just put a space or nothing?)
DNS name server? (DNS addresses used on the ISP side?)
Use the nameserver now?
Default route? (I'm wanting this interface's IP address
to be the default route, I believe)The examples given in the pf manual on openbsd site really got me thinking and it seems that pf is really powerful. Thanks to all who worked on the docs and the software. I'm really looking forward to experimenting!
THANK YOU!
David
