Date:      Thu, 21 Jan 1999 13:46:18 -0500 (EST)
From:      Antonio Bemfica <antonio@ngrdev.ic.gc.ca>
To:        freebsd-questions@FreeBSD.ORG
Cc:        Derek Jewett <djewett@snowcrest.net>, Paul Chvostek <paul@it.ca>
Subject:   Re: Quad-network card? and firewall
Message-ID:  <Pine.GSO.3.96.990121130737.23888B-100000@ngrdev.ic.gc.ca>
In-Reply-To: <014f01be43c9$5bc5f4e0$0afea8c0@ws2600>

Hopefully someone can help me here, since I am a bit new to this. If I
use a 4 port NIC, setting the connections as below: 


  F   |0---> IP 196.xxx.yyy.123 to the router
  r   |
  e B |1---> to Machine 1 (IP 196.xxx.yyy.124)
  e o |
  B x |2---> to Machine 2 (IP 196.xxx.yyy.125)
  S   |
  D   |3---> to Machine 3 (IP 196.xxx.yyy.126)
  

The FreeBSD machine will be a firewall. My questions are:

1. Will Machine 1 be able to "talk" directly to Machine 2? It would if I
was simply using a concentrator - must I set up static routes under
FreeBSD to achieve this? Or would I use ipfw rules?

2. I assume I will need to redirect packets coming in on NIC 0 (from the
router) to Machine 1 with ipfw rules (ipfw fwd ... via NIC1 ?) or would I
need to use natd? 

3. I would need to use ifconfig_NIC0_alias="inet IP_of_Machine1 etc" in
rc.conf in order to pick up packets destined to the machines behind the
firewall.

4. Wouldn't it be easier to just have two NICs in the FreeBSD box, one
connected to the router and the other to a concentrator for the machines
behind the firewall? Is there any advantage to using a 4 NIC card?

I would appreciate any help I can get in setting this up. Thanks in
advance.


Antonio


On Tue, 19 Jan 1999, Derek Jewett wrote:

> I have an order in for one, I should get soon! We looked at using a
> multi port NIC to use in place of a switch. We have several segments to
> route/firewall traffic through. As well we have ETC serial cards we
> plan to use as well to make an ULTIMATE router for security and
> hopefully performance. A switch or hub provides little or no
> security... 

Derek


