From owner-freebsd-net Fri Jul 9 11:25:14 1999
Message-Id: <199907091825.LAA00699@rhapture.apple.com>
To: net@freebsd.org
Subject: Re: Setting up LAN
In-Reply-To: <199907090607.XAA01050@walker3.apple.com>
Date: Fri, 9 Jul 1999 11:25:07 -0700
From: "Justin C. Walker"
Reply-To: justin@apple.com

> From: Shawn Workman
> Date: 1999-07-08 23:18:18 -0700
> To: "Justin C. Walker"
> Subject: Re: Setting up LAN
> Cc: net@FreeBSD.ORG
>
> I forgot to mention that the FreeBSD box is also my firewall..

That helps define the problem, at least.

> could I divide my subnet?

A simple ascii diagram may shed light:

              ^
              |               ;; to the rest of the world
--------------+---------------
              |               ;; inside your place
              X               ;; your FreeBSD box and firewall
              |               ;; your internal subnet

Now, your box (X) has two interfaces.
From the point of view of the rest of the world, they don't care about anything below the line. They just know that you have subnet 216.18.166.160, which includes 14 hosts and two broadcast addrs (ain't backwards compatibility a joy?).

So I think that sub-dividing your subnet may help, although, as you've noted, the power-of-2 thing will cost you some address space (unless you're happy keeping some hosts on the outside of the firewall).

The tricky part is that the outside world (represented by a router above the line) thinks of your subnet as just that. Unless it (the upper router) knows that your FreeBSD box is a router, it's going to try to deliver packets to your subnet using ARP, not by forwarding to "X". Proxy ARP may help, together with splitting your subnet.

> Maybe have the netmask on the router be a netmask of 16 IP's and the netmask on
> my vr1 interface be 16 IP's?

I've not used/configured proxy ARP, so I can't be sure how effective it is, or whether it's really the solution. Those with more experience may know.

Regards,

Justin

--
Justin C. Walker, Curmudgeon-At-Large *
Institute for General Semantics       |
Manager, CoreOS Networking            |   When crypto is outlawed,
Apple Computer, Inc.                  |   Only outlaws will have crypto.
2 Infinite Loop                       |
Cupertino, CA 95014                   |
*-------------------------------------*-------------------------------*
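Added example, not part of the original message: the subnet arithmetic behind the reply, worked through with Python's `ipaddress` module. It assumes the 14-host block is 216.18.166.160/28 and that it is split into two /29 halves with the upper half behind the firewall; it shows the addresses lost to the split and the inside hosts an upstream router holding the unsplit mask would still ARP for, which are the ones proxy ARP on X would have to answer.

```python
import ipaddress

# Assumption: the message gives only the network number and "14 hosts",
# which corresponds to a /28. Which half goes inside is also an assumption.
BLOCK = ipaddress.ip_network("216.18.166.160/28")


def split_block(block):
    """Halve the block: first half stays outside X, second goes behind it."""
    outside, inside = block.subnets(prefixlen_diff=1)
    return outside, inside


def usable(net):
    """Host addresses left after removing network and broadcast addresses."""
    return list(net.hosts())


def upstream_action(upstream_view, dst):
    """What a router that still holds the unsplit mask does for dst."""
    if ipaddress.ip_address(dst) in upstream_view:
        return "arp"      # believes dst sits on its own wire
    return "forward"      # would consult its routing table instead


def proxy_arp_set(upstream_view, inside):
    """Inside hosts the upstream router will ARP for; X must answer for them."""
    return [h for h in usable(inside)
            if upstream_action(upstream_view, h) == "arp"]


def report(block=BLOCK):
    outside, inside = split_block(block)
    before = len(usable(block))
    after = len(usable(outside)) + len(usable(inside))
    return {
        "outside": outside,
        "inside": inside,
        "hosts_before": before,
        "hosts_after": after,
        "lost_to_split": before - after,
        "proxy_arp": proxy_arp_set(block, inside),
    }


if __name__ == "__main__":
    for key, value in report().items():
        print(f"{key:14} {value}")
```

The router and both of X's interfaces still come out of the remaining host addresses, so the count available to ordinary machines is lower than `hosts_after`.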