From owner-freebsd-hackers  Tue Oct 19 10:29:29 1999
Delivered-To: freebsd-hackers@freebsd.org
Received: from jumping-spider.aracnet.com (jumping-spider.aracnet.com [205.159.88.14])
	by hub.freebsd.org (Postfix) with ESMTP id 67C8B17789
	for <hackers@FreeBSD.ORG>; Tue, 19 Oct 1999 10:29:27 -0700 (PDT)
	(envelope-from beattie@aracnet.com)
Received: from shell2.aracnet.com (IDENT:1728@shell2.aracnet.com [216.99.193.20])
	by jumping-spider.aracnet.com (8.9.3/8.9.3) with ESMTP id KAA19978;
	Tue, 19 Oct 1999 10:27:27 -0700
Received: from localhost by shell2.aracnet.com (8.8.7)  id KAA24843; Tue, 19 Oct 1999 10:26:50 -0700
X-Authentication-Warning: shell2.aracnet.com: beattie owned process doing -bs
Date: Tue, 19 Oct 1999 10:26:50 -0700 (PDT)
From: Brian Beattie <beattie@aracnet.com>
To: Nick Rogness <nick@rapidnet.com>
Cc: "Zuidam, Hans" <Hans.Zuidam@nl.origin-it.com>,
	"'hackers@freebsd.org'" <hackers@FreeBSD.ORG>
Subject: Re: natd question
In-Reply-To: <Pine.BSF.4.05.9910191019310.99921-100000@rapidnet.com>
Message-ID: <Pine.LNX.4.10.9910191020170.24214-100000@shell2.aracnet.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Tue, 19 Oct 1999, Nick Rogness wrote:

> On Tue, 19 Oct 1999, Zuidam, Hans wrote:
> 
> > I want to set up a test network which (partly) mirrors our production
> > side network. To match reality as close as possible we keep the IP
> > addresses in the test network the same as in the production network.  In
> > order not to run around with tapes between the two networks, I would like
> > to create the following setup:
> > 
> >        (~~~~~~~~~~)                                 (~~~~~~~~~~)
> >       (            )          +---------+          (            )
> >      +              +         |         |         +              +
> >     ( 130.144.120/22 ) ------ | FreeBSD | ------ ( 130.144.120/22 )
> >      +    (real)    +         |         |         +    (test)    +
> >       (            )          +---------+          (            ) 
> >        (~~~~~~~~~~)                                 (~~~~~~~~~~)
> 
> 
> 	You can't split 2 identical networks, with identical
> 	netmasks across 2 interfaces unless you are running some sort of
> 	BRIDGE or transparent proxy support. Even then, if you have the
> 	same IP's on both networks you will run into problems with routing
> 	and ARP entries on the FreeBSD machine.
> 
> 	If you are looking to connect the 2 networks together, run a
> 	different ip range on the (test) network, like the 10.0.0.0
> 	or 192.168 network. If you are not connecting to the internet then
> 	you will not need to run NATD, just make sure that the
> 	gateway address of the machines on both sides are pointing to the
> 	corresponding FreeBSD interface IP.
> 
>

How about:
 
        (~~~~~~~~~~)                                     (~~~~~~~~~~)
       (            )      +-------+      +-------+     (            )
      +              +     |       |      |       |    +              +
     ( 130.144.120/22 ) -- |FreeBSD| ---- |FreeBSD| --( 130.144.120/22 )
      +    (real)    +     |       |      |       |    +    (test)    +
       (            )      +-------+      +-------+     (            ) 
        (~~~~~~~~~~)                                     (~~~~~~~~~~)

Using 10.0.0.0 on the network in the middle


Brian Beattie            | The only problem with
beattie@aracnet.com      | winning the rat race ...
www.aracnet.com/~beattie | in the end you're still a rat



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message