From owner-freebsd-questions@FreeBSD.ORG Thu Dec 6 19:25:46 2007 Return-Path: Delivered-To: questions@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 154DD16A41A for ; Thu, 6 Dec 2007 19:25:46 +0000 (UTC) (envelope-from mksmith@adhost.com) Received: from mail-in02.adhost.com (mailstandby.adhost.com [216.211.128.129]) by mx1.freebsd.org (Postfix) with ESMTP id F0A4113C43E for ; Thu, 6 Dec 2007 19:25:45 +0000 (UTC) (envelope-from mksmith@adhost.com) Received: from ad-exh01.adhost.lan (unknown [216.211.143.69]) by mail-in02.adhost.com (Postfix) with ESMTP id 8025C1EE855 for ; Thu, 6 Dec 2007 11:25:45 -0800 (PST) (envelope-from mksmith@adhost.com) MIME-Version: 1.0 X-MimeOLE: Produced By Microsoft Exchange V6.5 x-pgp-encoding-format: MIME x-pgp-encoding-version: 2.0.2 Content-Type: multipart/signed; boundary="PGP_Universal_900DE564_59633B3B_7BFE9ABA_58013D6B"; micalg=pgp-sha1; protocol="application/pgp-signature" x-pgp-mapi-encoding-version: 2.5.0 Content-class: urn:content-classes:message Date: Thu, 6 Dec 2007 11:25:44 -0800 Message-ID: <17838240D9A5544AAA5FF95F8D52031602E5452C@ad-exh01.adhost.lan> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: PF with VLAN's - Reference Physical Interface or VLAN Interface? Thread-Index: Acg4PcuT8asPde2ZQUa9PtHxtX6ywA== From: "Michael K. Smith - Adhost" To: Cc: Subject: PF with VLAN's - Reference Physical Interface or VLAN Interface? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Dec 2007 19:25:46 -0000 --PGP_Universal_900DE564_59633B3B_7BFE9ABA_58013D6B Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: QUOTED-PRINTABLE Hello All: Thanks to everyone for the hints on carp_alias interfaces. On a second not= e, we are implementing 802.1Q trunked interfaces. So, our pre-vlan configu= ration is: $ext_if=3D"em1" And an associated NAT rule is: nat on $ext_if from $mail_in01_int to any -> $mail_in01_ext With the addition of VLAN's, em1 won't have an IP address. Instead, the ad= dresses of $mail_in01_int and $mail_in01_ext will be on the VLAN interfaces= . So, my question is, does the rule above stay the same or should it now b= e: $vlan2_if=3D"vlan2" nat on $vlan2_if from $mail_in01_int to any -> $mail_in01_ext Regards, Mike --PGP_Universal_900DE564_59633B3B_7BFE9ABA_58013D6B Content-Type: application/pgp-signature; name="PGP.sig" Content-Transfer-Encoding: 7BIT Content-Disposition: attachment; filename="PGP.sig" -----BEGIN PGP SIGNATURE----- Version: 9.7.0 (Build 867) iQEVAwUBR1hMuPTXQhZ+XcVAAQiP4wgAtn/qlBhEQZITORg8npFlgTzkymuVD2L1 gNF0Z3nwC+fNYCMg/KIafW6L0U6li1up3aQsiZXIbH0+Pq01upCUAbzO8CuduVCm FXJNJ+joU1MuzRjQVYpp4Kt5vvddf/344Y+LkoA4VDGsfzK5ZHfy+MUMUTWeIF7K tuoS/5YG3fQ2mxFp/xsQbW5qFU9pipjp11SRSIirzpnb0+STaVO4mdBqpAPRSeWt 04PYzvLkwTnd001wwb4v7/o+NW7VUqPOZEKNwcJYozgvcPY4789PpTKIXR0kEuJX 6OszRYY9chq5rR+2LkpIYJp+M00oYiUR7BbXKoO5P45nIaLbsiy8gg== =wYhw -----END PGP SIGNATURE----- --PGP_Universal_900DE564_59633B3B_7BFE9ABA_58013D6B--