Re: fbsd box as router AND natd

2003-03-15 Thread Peter
On Fri, 14 Mar 2003 22:00:46 -0500
Bill Moran [EMAIL PROTECTED] wrote:

 Lowell Gilbert wrote:
  Bill Moran [EMAIL PROTECTED] writes:
  
  
 fbsdq wrote:
 
 Hello,
I was wondering if this is possible and how to do it.  I just got
 a t1 installed with limited IP's.  I want my FreeBSD box to act as a
 router to all those office pc's with my limited public IP's, and
 when I run out of those I want it to also act as a natd box to my
 10.x.x.x ip addresses.  Do I need three nics to get this done? One
 for outside interface, one for public ip inside interface [router],
 and a third one for inside public ip interface [natd]?  I know how
 to do natd, but for it to act as a router what do I need in
 /etc/rc.conf, will just gateway_enable=YES do? or do I need to run
 routed?
 
 Yes, you can do this.  No, you don't need two network cards.
  
  
  You *should* have two.  You don't need three, though.  [You could do
  it with one, but your ISP would have a right to be annoyed with you.]
 
 My typo.  I meant you don't need _three_.
 Thanks for straightening me out, Lowell.
 
 -- 
 Bill Moran
 Potential Technologies
 http://www.potentialtech.com

Replying to my own post but heck live and learn...

I think I figured the best way to do this would be thru bridging, it gives my 
FreeBSD box an opportunity to act as a firewall [don't need a router] for the office 
pc's with public ip's without the need for subnetting, and I think I would be able to 
also do natd on this box thru the outside interface.  This way internet can pass thru 
my firewall and reach the internal machines with public ip's, and when I run out of 
those I'll use private 10.x.x.x ip's and just do natd on them thru the same 
firewall/bridge.  Does this setup sound sane/plausible?

internet
|
|
T1 Connection/Router
|
|
FreeBSD Firewall/Natd Bridge
|
|
 Internal Lan with both public and private IP's

now to wait until Monday...all this excitement and nothing to break.


-
---FreeBSD The Power To Serve---

To Unsubscribe: send mail to [EMAIL PROTECTED]
with unsubscribe freebsd-questions in the body of the message


fbsd box as router AND natd

2003-03-14 Thread fbsdq
Hello,
   I was wondering if this is possible and how to do it.  I just got a t1 
installed with limited IP's.  I want my FreeBSD box to act as a router to 
all those office pc's with my limited public IP's, and when I run out of 
those I want it to also act as a natd box to my 10.x.x.x ip addresses.  Do I 
need three nics to get this done? One for outside interface, one for public 
ip inside interface [router], and a third one for inside public ip interface 
[natd]?  I know how to do natd, but for it to act as a router what do I need 
in /etc/rc.conf, will just gateway_enable=YES do? or do I need to run 
routed?



Re: fbsd box as router AND natd

2003-03-14 Thread Bill Moran
fbsdq wrote:

 Hello,
    I was wondering if this is possible and how to do it.  I just got a 
 t1 installed with limited IP's.  I want my FreeBSD box to act as a 
 router to all those office pc's with my limited public IP's, and when I 
 run out of those I want it to also act as a natd box to my 10.x.x.x ip 
 addresses.  Do I need three nics to get this done? One for outside 
 interface, one for public ip inside interface [router], and a third one 
 for inside public ip interface [natd]?  I know how to do natd, but for 
 it to act as a router what do I need in /etc/rc.conf, will just 
 gateway_enable=YES do? or do I need to run routed?

Yes, you can do this.  No, you don't need two network cards.

Use the -unregistered_only option to natd to tell it only to
translate RFC-1918 addressed (so your public addresses get
routed without translation)  Set up the internal network card
with an IP in the 10.x.x.x range, as well as a public IP.  Then
the machines with Public IPs can route through without translation,
but natd will translate the private ones.

Without knowing more about the layout of your network and the IPs
involved, I can't give more details.  Your ISP may need to add a
routing rule to get traffic to route successfully back to you.

--
Bill Moran
Potential Technologies
http://www.potentialtech.com
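
What the -unregistered_only advice above amounts to, as an added example that is not part of any poster's message: natd started with that flag rewrites only packets whose source lies in the RFC 1918 ranges, and this script reproduces that decision for a few constructed office addresses. The interface name fxp0, the function names, and the 192.0.2.x addresses standing in for the public IPs are assumptions.

```shell
#!/bin/sh
# Added illustration (not from the thread). Matching /etc/rc.conf lines,
# with fxp0 assumed to be the outside interface:
#   gateway_enable="YES"             # forward packets between the NICs
#   natd_enable="YES"
#   natd_interface="fxp0"
#   natd_flags="-unregistered_only"  # translate RFC 1918 sources only

# is_rfc1918 ADDR: 0 = private, 1 = public, 2 = not a dotted-quad address
is_rfc1918() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.|"") return 2 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                 # split the address into its octets
    IFS=$old_ifs
    [ $# -eq 4 ] || return 2
    for o in "$@"; do
        [ "$o" -le 255 ] || return 2
    done
    case "$1" in
        10)  return 0 ;;                                       # 10.0.0.0/8
        172) [ "$2" -ge 16 ] && [ "$2" -le 31 ] && return 0 ;; # 172.16.0.0/12
        192) [ "$2" -eq 168 ] && return 0 ;;                   # 192.168.0.0/16
    esac
    return 1
}

# nat_decision ADDR: print what natd -unregistered_only does with a packet
# from that source address.
nat_decision() {
    rc=0
    is_rfc1918 "$1" || rc=$?
    case $rc in
        0) echo "translate" ;;
        1) echo "route-untranslated" ;;
        *) echo "invalid"; return 1 ;;
    esac
}

# Constructed sample hosts; 192.0.2.x stands in for the office's public IPs.
for host in 192.0.2.10 10.0.0.25 172.16.4.1 172.32.0.1 192.168.1.5; do
    printf '%-12s %s\n' "$host" "$(nat_decision "$host")"
done
```
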


Re: fbsd box as router AND natd

2003-03-14 Thread Lowell Gilbert
Bill Moran [EMAIL PROTECTED] writes:

 fbsdq wrote:
  Hello,
 I was wondering if this is possible and how to do it.  I just got
  a t1 installed with limited IP's.  I want my FreeBSD box to act as a
  router to all those office pc's with my limited public IP's, and
  when I run out of those I want it to also act as a natd box to my
  10.x.x.x ip addresses.  Do I need three nics to get this done? One
  for outside interface, one for public ip inside interface [router],
  and a third one for inside public ip interface [natd]?  I know how
  to do natd, but for it to act as a router what do I need in
  /etc/rc.conf, will just gateway_enable=YES do? or do I need to run
  routed?
 
 Yes, you can do this.  No, you don't need two network cards.

You *should* have two.  You don't need three, though.  [You could do
it with one, but your ISP would have a right to be annoyed with you.]

 Use the -unregistered_only option to natd to tell it only to
 translate RFC-1918 addressed (so your public addresses get
 routed without translation)  Set up the internal network card
 with an IP in the 10.x.x.x range, as well as a public IP.  Then
 the machines with Public IPs can route through without translation,
 but natd will translate the private ones.

You shouldn't need a public IP on the inside interface.  Putting a
public IP on the outside interface should be good enough.

 Without knowing more about the layout of your network and the IPs
 involved, I can't give more details.  Your ISP may need to add a
 routing rule to get traffic to route successfully back to you.

As long as you've got two cards, this shouldn't be a problem.  They
shouldn't be seeing your internal traffic, and your external traffic
will all be using the public IP addresses they've already given you.

By you, incidentally, I mean the original poster, or anybody else
following a similar scheme.



Re: fbsd box as router AND natd

2003-03-14 Thread Bill Moran
Lowell Gilbert wrote:
 Bill Moran [EMAIL PROTECTED] writes:

  fbsdq wrote:

   Hello,
     I was wondering if this is possible and how to do it.  I just got
   a t1 installed with limited IP's.  I want my FreeBSD box to act as a
   router to all those office pc's with my limited public IP's, and
   when I run out of those I want it to also act as a natd box to my
   10.x.x.x ip addresses.  Do I need three nics to get this done? One
   for outside interface, one for public ip inside interface [router],
   and a third one for inside public ip interface [natd]?  I know how
   to do natd, but for it to act as a router what do I need in
   /etc/rc.conf, will just gateway_enable=YES do? or do I need to run
   routed?

  Yes, you can do this.  No, you don't need two network cards.

 You *should* have two.  You don't need three, though.  [You could do
 it with one, but your ISP would have a right to be annoyed with you.]

My typo.  I meant you don't need _three_.
Thanks for straightening me out, Lowell.

--
Bill Moran
Potential Technologies
http://www.potentialtech.com