Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 15 Nov 2002 12:03:21 +0100
From:      "Marcin M. Jessa" <yazzy@yazzy.org>
To:        freebsd-isp@freebsd.org, freebsd-questions@freebsd.org
Subject:   Network Troubles.
Message-ID:  <20021115110321.GA4024@yazzy.org>
next in thread | raw e-mail | index | archive | help 
Hi guys.

I have two subnets with static public IP's. 
Both point to my hardware SDSL router. 
One is 80.123.16.64-80.123.16.71 with 80.123.16.65 as the router IP and the other 123.234.173.128-255 with  123.234.173.129 as the router IP. 
I have LAN behind my firewall. It uses 80.123.16.66 to talk to the outside. 80.123.16.66 resides on one nic with a couple extra 80.123.16.64/224 IPs aliased on it.
I run natd and NAT these IP's to misc services behind my firewall.
When I add both 80.123.16.66 and 123.234.173.130 to my firewall I can connect to and from my LAN fine.
I can ping both IP's from inside and outside and connect to the services on my DMZ and to my LAN boxes.
But I also have a few boxes on the 123.234.173.128/128 subnet connected directly to my switch which is connected to the router. 
When I add 123.234.173.130 to a separate nic on my firewall, I cannot talk to the other boxes on that subnet anymore, even though they are not connected 
to my firewall but directly to a hub. Every connection attempt from the LAN or outside fails.
But then I can speak to 123.234.173.130 just fine. 
One more thing. I have 80.123.16.68 also connected directly to my switch and it works just fine. I am pretty confused.
Any idea what can cause that? 

INTERNET -> Router with 80.123.16.64-71 & 123.234.173.128-255 -> 3com Switch -> Firewall with 80.123.16.66, 80.123.16.67, 80.123.16.69 & 123.234.173.130 -> Lan & DMZ 
                                                                    x
                                                                    |
                                                                    |
                                                                    |
                                                                    x
                                           A few boxes with public IP's - on both 80.123.16.64-71 & 123.234.173.128-255 and firewalling directly on them.    
                                           

Another thing, can I run natd on two different nics? Something like natd_interface="dc1 xl0" ? I want LAN and DMZ to use 2 different gw IP's.

Thanks in advance.

YazzY

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021115110321.GA4024>