From: Sarath ER
To: Stephan Weaver
Cc: freebsd-questions@freebsd.org
Date: Tue, 21 Jun 2005 12:45:51 -0700
Subject: Re: 2 Nic on same subnet.
Message-ID: <42B86E6F.2040400@linuxtechs.net>

Stephan Weaver wrote:

> Can you give me an example of how this is done? <--- please do not TOP POST
>
>
>> From: Sarath ER
>> To: freebsd-questions@freebsd.org
>> Subject: Re: 2 Nic on same subnet.
>> Date: Tue, 21 Jun 2005 12:10:33 -0700
>>
>> Stephan Weaver wrote:
>>
>>> Hello All,
>>>
>>> I am trying to place my network behind a firewall [FreeBSD BASED].
>>>
>>> What I have done!
>>>
>>> I have 2 NICs in the BSD PC.
>>> vr0, vr1.
>>> Both on the same subnet, e.g.
>>> vr0 - 192.168.0.1 , vr1 - 192.168.0.2.
>>>
>>> I plug the Ethernet cable from the DSL modem into my vr0 interface.
>>> I plug the Ethernet cable from the SWITCH into my vr1 interface.
>>>
>>> I am running ipnat as follows.
>>> ipnat.rules
>>> ----------------
>>> map vr0 192.168.0.0/24 -> 0.0.0.0/32 proxy port ftp ftp/tcp
>>> map vr0 192.168.0.0/24 -> 0.0.0.0/32 portmap tcp/udp 40000:60000
>>> map vr0 192.168.0.0/24 -> 0.0.0.0/32
>>>
>>>
>>> -----------
>>> Here are some messages I get from my /var/log/messages.
>>> Jun 20 22:47:36 pizzaboys kernel: arp: 192.168.0.198 is on vr0 but got reply from 00:08:74:4f:57:c5 on vr1
>>>
>>>
>>> Thank You, Stephan Weaver
>>> stephanweaver@hotmail.com
>>>
>>
>> You must delete the routes for the network from both interfaces and
>> add individual host routes to the interfaces. Suppose you have a
>> cable modem on vr0: add a host route for that IP and assign it to the vr0
>> interface, and add the rest of the hosts in your LAN on the vr1 interface.
>> Or you can choose a different network, or subnet the same IP block.
>>
>> Cheers,
>> - Sarath
>

route delete -net yournetworkhere/maskhere   <- you might have to do it twice...
route add -host ipaddressofthelocalinterface -interface vr0
route add -host ipaddressofcablemodemhere -interface vr0
route add -host ipaddressofvr1here -interface vr1
route add -host firsthostinlan -interface vr1
route add -host secondhostinlan -interface vr1
............

I think this would do it...

- Sarath
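
An added example, not part of the original post or of FreeBSD: a small Python check that finds interfaces configured on overlapping subnets and ties them to the "is on vr0 but got reply from ... on vr1" kernel messages quoted in the thread. The function names are hypothetical, and the /24 mask on vr0 and vr1 is an assumption taken from the ipnat rules above.

```python
import ipaddress
import re
from collections import defaultdict
from itertools import combinations

# Matches the FreeBSD kernel ARP message quoted in the thread.
ARP_RE = re.compile(
    r"arp: (?P<ip>\d{1,3}(?:\.\d{1,3}){3}) is on (?P<expected>\w+) "
    r"but got reply from (?P<mac>[0-9a-fA-F:]{17}) on (?P<seen>\w+)"
)

def overlapping_interfaces(ifaces):
    """Return (if_a, if_b, wider_network) for interfaces whose subnets overlap."""
    nets = {n: ipaddress.ip_interface(a).network for n, a in ifaces.items()}
    return [(a, b, min(nets[a], nets[b], key=lambda n: n.prefixlen))
            for a, b in combinations(sorted(nets), 2) if nets[a].overlaps(nets[b])]

def arp_mismatches(log_lines):
    """Group the ARP messages as (expected_if, seen_if) -> {(ip, mac)}."""
    seen = defaultdict(set)
    for line in log_lines:
        m = ARP_RE.search(line)
        if not m:
            continue
        try:
            ip = ipaddress.ip_address(m["ip"])
        except ValueError:
            continue  # e.g. an octet above 255: not a real kernel message
        seen[(m["expected"], m["seen"])].add((ip, m["mac"].lower()))
    return dict(seen)

def diagnose(ifaces, log_lines):
    """Attach to each overlapping pair the hosts whose ARP replies crossed it."""
    mismatches = arp_mismatches(log_lines)
    report = []
    for a, b, net in overlapping_interfaces(ifaces):
        hosts = {str(ip) for (exp, got), pairs in mismatches.items()
                 if {exp, got} == {a, b} for ip, _ in pairs if ip in net}
        report.append({"interfaces": (a, b), "network": str(net), "hosts": sorted(hosts)})
    return report

# Addresses from the thread; the /24 mask is assumed from the ipnat rules there.
IFACES = {"vr0": "192.168.0.1/24", "vr1": "192.168.0.2/24"}
# The kernel message quoted in the thread, rejoined onto one line.
LOG = ["Jun 20 22:47:36 pizzaboys kernel: arp: 192.168.0.198 is on vr0 "
       "but got reply from 00:08:74:4f:57:c5 on vr1"]

if __name__ == "__main__":
    print(diagnose(IFACES, LOG))
```

An empty report means no two interfaces share a subnet; a non-empty one lists the hosts whose replies arrived on the other interface of the pair.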