From owner-freebsd-isp Thu May 21 10:39:28 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id KAA20055 for freebsd-isp-outgoing; Thu, 21 May 1998 10:39:28 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from java.dpcsys.com (java.dpcsys.com [206.16.184.7]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id KAA20038 for ; Thu, 21 May 1998 10:39:22 -0700 (PDT) (envelope-from dan@dpcsys.com) Received: from localhost (dan@localhost) by java.dpcsys.com (8.8.7/8.8.2) with SMTP id KAA13366; Thu, 21 May 1998 10:40:50 -0700 (PDT) Date: Thu, 21 May 1998 10:40:50 -0700 (PDT) From: Dan Busarow To: sake@nl.euro.net cc: Joe Read , isp@FreeBSD.ORG Subject: Re: FreeBSD firewall In-Reply-To: <199805210744.JAA00412@support.euronet.nl> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Thu, 21 May 1998, Sake Blok wrote: > The netmask is used to determine whether a host is on the same > physical network. Since you are splitting up your network into > two physical networks, you also must split up your IP-range > into two (smaller) subnets. Or better, ask for a /30 IP-range > for your router and the ed0-interface. Just to exand on Sake's post, with your current setup you need to create two /27 subnets. One for your router's eth port and the FreeBSD nic atttached to it. The second for your internal hosts. If you can live with 30 internal hosts that's a viable (though wasteful) solution. And you'll be up in minutes. If you need more internal addresses you need to take his advice on getting a /30 for the router to FBSD connection and using your /26 for the internal hosts. Dan -- Dan Busarow 949 443 4172 DPC Systems / Beach.Net dan@dpcsys.com Dana Point, California 83 09 EF 59 E0 11 89 B4 8D 09 DB FD E1 DD 0C 82 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message