From: "O. Hartmann"
Date: Thu, 7 Sep 2000 15:56:42 +0200 (CEST)
To: freebsd-questions@freebsd.org
Subject: Networking Basics on Bridging and Forwarding

Dear Sirs.

it is a little bit confusing to me and maybe to others, and it's not easy to dig all the necessary information that is vanished by the 'documentation' of FBSD concerning some really important switches in the kernel configuration and later on done by sysctl.

I have to set up a dual-homed server which should act as an IP filter using IPFW, so I think I should call it firewall. Because this machine has to be 'plugged in on the fly' into an existing network I have to configure and gather experiences without any kind of simulating environment, so this task seems really hard to me.

Well, while fiddling around with the kernel, two NICs and assigning IPs to each NIC I ran into trouble for a while. My main intention is to learn more about the differences between the option bridging and IP forwarding. Well, as I understand all the literature I've been reading for this, IP forwarding forwards packets from one IP source to another IP destination - but there is nothing said about NICs. Well, I enabled so far IP forwarding by enabling the machine acting as a gateway. This switch is well known and located in /etc/rc.conf.local.

My handicap is that I have only IPs out of a pool of a local network and the IPs are widely spread over the complete range of available IPs, so I cannot split both NICs into two separate networks. Due to this fact I took some examinations in attaching a second machine BEHIND the second NIC. So, NIC1 is attached to the main LAN and gateway, NIC2 is assigned with a server and some services and attached to another machine, a WIN2k client.

Idea was: Filtering all netflow through NIC1 and NIC2 by IPFW and proxy net-connects from win2k client to the outside world. To perform this task, IP forwarding was not enough, the win2k client had no access to the outside world until bridging was enabled.

Well, I know that this type of configuration is really lousy and I suppose there is a kind of logical mistake in this construction. Maybe someone out here has any idea how to set up a satisfying simulating environment. But much more important to me is: what is the difference between bridging and forwarding? Is IP forwarding working correctly without bridging in a dual-homed environment? Why use BRIDGING? Do we have some deeper insights for FreeBSD on the net, like special links?

I regret asking these foolish questions, but consulting Linux documents offers another scheme of 'how to do', sometimes not applicable to FBSD.

Regards,
O. Hartmann

-------------------------------------------------------------------
ohartman@ipamzlx.physik.uni-mainz.de
Klimadatenserver des IPA, Universitaet Mainz
Netzwerk- und Systembetreuung
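
The setup described in the message, as a small model added here for illustration (not part of the original post): both NICs share one IP network, so every sender treats its peer as on-link and resolves it with an ARP broadcast that only a bridge carries across the two wires. The addresses, node names and the "no proxy ARP" condition are assumptions made for the example.

```python
import ipaddress

# Constructed addressing (RFC 5737 range): one IP network on both NICs,
# as in the post, because the address pool cannot be split.
LAN = ipaddress.ip_network("192.0.2.0/24")
LAN_GW = "192.0.2.1"      # existing gateway on the main LAN
FIREWALL = "192.0.2.2"    # dual-homed box, present on both wires
CLIENT = "192.0.2.10"     # Win2k client behind NIC2
SEGMENTS = {              # which Ethernet segment(s) each node is attached to
    LAN_GW: {"nic1"},
    "192.0.2.77": {"nic1"},
    FIREWALL: {"nic1", "nic2"},
    CLIENT: {"nic2"},
}

def next_hop(dst, gateway):
    """Sender's choice: on-link destinations are ARPed for directly."""
    return dst if ipaddress.ip_address(dst) in LAN else gateway

def arp_resolves(mode, asker, target):
    """ARP is an Ethernet broadcast; it stays on the asker's wire unless bridged."""
    if SEGMENTS[asker] & SEGMENTS[target]:
        return True
    # An IP forwarder only routes packets addressed to its own MAC and does
    # not relay broadcasts (no proxy ARP assumed); a bridge relays frames.
    return mode == "bridge"

def round_trip(mode, src, dst, gateway=LAN_GW):
    """True if src can send toward dst and the reply can find its way back.

    dst must be a node listed in SEGMENTS or an address outside LAN.
    """
    hop = next_hop(dst, gateway)
    if not arp_resolves(mode, src, hop):
        return False
    # The reply is sent by dst if it is on the LAN, otherwise by the LAN
    # gateway, and that node treats src as on-link and ARPs for it directly.
    replier = dst if dst in SEGMENTS else LAN_GW
    return arp_resolves(mode, replier, src)
```

With forwarding only, the client reaches the firewall's own services but nothing beyond it, whichever gateway it is given; giving the NIC2 side its own subnet is what would let plain IP forwarding carry the traffic.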