Re: FreeBSD router two DSL connections
that is worth anything allows direct connections to those routers to their end-user customers. There is just too much potential for abuse, and even more potential for being blackholed as a rogue network by the rest of the Internet. Everybody today that knows anything about what they are doing, applies ingress filters, or they require their downstreams to ingress filter. In fact I'd say this is one of the reasons Cisco was disloged as the core router vendor by Juniper, because of the need for enough CPU in routers closer and closer to the core to be able to run access lists. Chances today that a cable line or a DSL line going to an end user could get a packet with a non-network source very far in to the Internet are zilch. One of the largest sources of bogus source IP numbers in fact are those cheap-as-shit DSL/Cable routers, as some of those models will ARP both their legal WAN IP address, and the LAN IP addresses, on their WAN port. All of the ActionTec routers do this in bridged mode, for example, and Qwest has thousands of them deployed. And the second largest source are infected PC's that have DDoS trojans on them, which some mothership You're not using illegal addresses when you load balance, Ted. You're using real address that all of your upstream ISPs need to know about. Why can't you grasp this concept? DT __ Yahoo! DSL – Something to write home about. Just $16.99/mo. or less. dsl.yahoo.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- Seek ye first the kingdom of God and all these things shall be added unto you. Winelfred G. Pasamba Adventist University of the Philippines Computer Science Department, AUP Online Information System ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: FreeBSD router two DSL connections
I wonder if these routers are using freebsd http://www.edimax.com/html/english/products/list-router.htm 2 WAN, 4 WAN, etc... and i also wonder what happens if one WAN goes down? or if the WANs are of different speeds? On 12/23/05, Ted Mittelstaedt [EMAIL PROTECTED] wrote: -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of [EMAIL PROTECTED] Sent: Thursday, December 22, 2005 3:09 AM To: freebsd-questions@freebsd.org Subject: RE: FreeBSD router two DSL connections Which is not redundant. Considering the OP asked for specifics on how to do this and your response as been a bunch of theoretical gobbdleygook that is flat out wrong network theory, you haven't done anything to help the poor bastard. Hi, This is a pretty firey debate. I have a question along the lines of this thread. I currently have a 1.5Mbit ADSL tail at the school that I work for. This tail connects to the Education Office which hosts a variety of websites, we then get internet access through the education office. We currently also have 230 PCs, and the connection is slowing down significantly. What I planned on doing was purchasing a 20Mbit ADSL 2+ connection and setting up a FreeBSD router which forwards all internet traffic through the ADSL2+ connection, and the Education Office traffic would be forwarded through the existing connection. Is this feasible? The easiest way would be to purchase a DSL modem/router for use with the ADSL2 connection (or a ADSL2 modem coupled to a etherent-to-ethernet DSL router) Set this up as a network address translator, plug it into your school network. (you can use FreeBSD for this if you want) You will need to do a bit of exploring to find out the subnets that the ED office is using. For example, suppose ED office has assigned IP subnet 10.0.10.0/24 to your school. Their existing DSL tail has an IP number of 10.0.10.1 on it. You have your PC's seup to use IP addresses 10.0.10.10 - 10.0.10.240 with a subnet mask of 255.255.255.0 and a gateway of 10.0.10.1 You do some queries with nslookup to find out all the IP adresses of the Ed servers, and you find they are on subnets 10.0.12.x, 10.0.15.x, 192.168.4.x, etc. So, first thing you do is you setup your BSD system/DSL router/DSl modem as a translator, and set it's internal interface IP address to 10.0.10.2 Then you add in a bunch of static routes into it for the ED subnets you discovered, pointing those subnets to 10.0.10.1 Last you set your PC's to use 10.0.10.2 as their default gateway. When the PC's send traffic to the Internet the router sends that out the ADSL2 line When the PC's send traffic to ED, the router issues an ICMP redirect that installs an ICMP route in the PC's that points to 10.0.10.1 for that host. Ted ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- Seek ye first the kingdom of God and all these things shall be added unto you. Winelfred G. Pasamba Adventist University of the Philippines Computer Science Department, AUP Online Information System ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: FreeBSD router two DSL connections
Ted, Thanks for checking on me. I've been only two days with pfSense, and about 5 days with freebsd, and about 1.5 weeks with openbsd. However i would like to point out that i did not use, or did not know how to use, or have found the load balancing feature in the pfSense web interface. I also don't know if the load balancing mentioned in the docs is the same that i used. I was happy with pfSense because of the Packet Filter port to freebsd. I've been using Packet Filter of OpenBSD to load balance traffic to the same ISP with two lines. So far it looks like OpenBSD's Packet Filter's packet round-robin'ing is working nicely with FreeBSD. On 12/13/05, Ted Mittelstaedt [EMAIL PROTECTED] wrote: -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Winelfred G. Pasamba Sent: Monday, December 12, 2005 8:26 AM To: Yance Kowara Cc: freebsd-questions@freebsd.org Subject: Re: FreeBSD router two DSL connections i use pfSense (www.pfsense.com) pfSense is a open source firewall derived from the m0n0wall operating system platform with radically different goals such as using Packet Filter, FreeBSD 6.X (or DragonFly BSD when ALTQ and CARP is finished) ALTQ for excellent packet queueing and finally an integrated package management system for extending the environment with new features. then i edit /etc/pf.conf and paste the openbsd pf tutorial for load balancing outgoing traffic ( http://www.openbsd.org/faq/pf/pools.html#outexample) then i pfctl -f /etc/pf.conf and watch the traffic on both WAN interfaces Sigh. THIS IS NOT LOAD BALANCING PLEASE QUIT BEING SLOPPY WITH YOUR NETWORKING TERMS I refer you to the pfsense website itself: http://faq.pfsense.org/index.php?sid=13525lang=enaction=artikelcat=6i d=18artlang=en Load balancing is on per connection basis, not a bandwidth basis. All packets in a given flow will go over only one link. In other words, they are redefining the term load balancing into something that is not understood by any previously accepted definition of load balancing, so that people like you can think your getting something for nothing. Once more - FTP to a remote site with your dual DSL links. Copy a FreeBSD ISO file to there. Watch as the upload speed IS NO FASTER THAN ONE OF THE LINKS. Load balancing is accomplished with multilink PPP and that is in FreeBSD, I have run it before over dual modem links and it works great. But the links must terminate at the same ISP. Ted -- Seek ye first the kingdom of God and all these things shall be added unto you. Winelfred G. Pasamba Adventist University of the Philippines Computer Science Department, AUP Online Information System ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: FreeBSD router two DSL connections
i use pfSense (www.pfsense.com) pfSense is a open source firewall derived from the m0n0wall operating system platform with radically different goals such as using Packet Filter, FreeBSD 6.X (or DragonFly BSD when ALTQ and CARP is finished) ALTQ for excellent packet queueing and finally an integrated package management system for extending the environment with new features. then i edit /etc/pf.conf and paste the openbsd pf tutorial for load balancing outgoing traffic ( http://www.openbsd.org/faq/pf/pools.html#outexample) then i pfctl -f /etc/pf.conf and watch the traffic on both WAN interfaces On 12/12/05, Yance Kowara [EMAIL PROTECTED] wrote: Hi all, I am trying to figure out if *BSD can achieve this: I have two DSL connections to play with, and I would like to configure a *BSD router that can combine the two DSLs together. There is a howto at http://stevenfettig.com/mythoughts/archives/000173.php But it concerns OpenBSD and it was for a T1 connection using a dual T1 card. I would like to configure one on 2 DSLs connected to two individual NICs. Is this feasible at all, or should I just invest in a dual Wan hardware? Kind regards, Yance __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- Seek ye first the kingdom of God and all these things shall be added unto you. Winelfred G. Pasamba Adventist University of the Philippines Computer Science Department, AUP Online Information System ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: backup strategies
BackupPC http://www.google.com/search?hl=enlr=newwindow=1q=backuppc+freebsd On 10/31/05, albi [EMAIL PROTECTED] wrote: On Sun, 30 Oct 2005 14:49:02 +0100 Csaba Henk [EMAIL PROTECTED] wrote: We plan to set up a backup server. -- cut -- 1) What parts are to be backed up? If I backup the whole system, the backup disk will get full soon. incremental backups via a script called from cron sounds good, you might consider trying rdiff-backup http://www.nongnu.org/rdiff-backup/ http://www.nongnu.org/rdiff-backup/examples.html -- grtjs, albi gpg-key: lynx -dump http://scii.nl/~albi/gpg.asc | gpg --import ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- Seek ye first the kingdom of God and all these things shall be added unto you. Winelfred G. Pasamba Adventist University of the Philippines Computer Science Department, AUP Online Information System ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
