From owner-freebsd-questions Thu Oct 11 5:59:24 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from kanawha.cnpapers.net (kanawha.cnpapers.net [208.247.228.5])
    by hub.freebsd.org (Postfix) with ESMTP id 26EA237B405
    for ; Thu, 11 Oct 2001 05:59:19 -0700 (PDT)
Received: from is-ua2.cnpapers.com (fw162.cnpapers.net [208.247.228.162])
    by kanawha.cnpapers.net (8.9.3/8.8.7) with ESMTP id JAA05001;
    Thu, 11 Oct 2001 09:09:14 -0400
Message-Id: <5.1.0.14.2.20011011085700.0424d628@mail.cnpapers.com>
X-Sender: jholstein@mail.cnpapers.com
X-Mailer: QUALCOMM Windows Eudora Version 5.1
Date: Thu, 11 Oct 2001 08:59:20 -0400
To: cjclark@alum.mit.edu
From: "John Holstein, IS"
Subject: Re: gateway and multiple subnets additional question attached
Cc: freebsd-questions@freebsd.org
In-Reply-To: <20011010203259.S387@blossom.cjclark.org>
References: <5.1.0.14.2.20011010141951.0419e750@mail.cnpapers.com> <5.1.0.14.2.20011009143853.041e3ec8@pop.cotse.com> <5.1.0.14.2.20011009143853.041e3ec8@pop.cotse.com> <20011009232857.D387@blossom.cjclark.org> <5.1.0.14.2.20011010141951.0419e750@mail.cnpapers.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

At 08:32 PM 10/10/2001 -0700, you wrote:
>On Wed, Oct 10, 2001 at 02:47:16PM -0400, John Holstein, IS wrote:
> > At 11:28 PM 10/9/2001 -0700, you wrote:
>
>[snip]
>
> > >So, are you saying the real picture is,
> > >
> > >  192.168.0.x -----}
> > >  192.168.1.x -----}
> > >                   }--Cisco Router--|ed0 FreeBSD GW ed1|---- internet
> > >  192.9.200.x -----}
> > >  192.9.205.x -----}
> >
> > This is exactly what I need to do.
> >
> > >If that's the case, you just need to add the routes on the FreeBSD
> > >gateway,
> > >
> > >  # route add net 192.168.0.0
> > >  # route add net 192.168.1.0
> > >  # route add net 192.168.200.0
> > >  # route add net 192.168.205.0
> > >
> > >Where is the IP address of the router's interface on
> > >the network with the FreeBSD box's ed0.
> > >
> > >To load these at boot, put something like,
> > >
> > >  static_routes="0 1 200 205"
> > >  route_0="net 192.168.0.0 "
> > >  route_1="net 192.168.0.0 "
> > >  route_200="net 192.168.200.0 "
> > >  route_205="net 192.168.205.0 "
> > >
> > >In rc.conf(5).
> >
> > I think I am missing something. I have done the above, completely,
> > including adding the routes to rc.conf but if I sit a box on _any_ subnet
> > other than 192.9.200 (the same subnet as ed0), I cannot get out.
>
>OK, then the picture is not right. It should be (?),
>
> 192.168.0.x --}
> 192.168.1.x --}-Cisco Router-{ 192.9.200.x }-|ed0 FreeBSD GW ed1|- internet
> 192.9.205.x --}
>
>In this case, you need to take the references to 192.9.205.0 out of
>the routing stuff. (Sorry about the "192.168" typos where I should have
>put "192.9" in there. 192.9.205.0 is owned by Sun Microsystems,
>BTW. That you?)
>
>I'm sensing that you may not have your various networks properly
>subnetted here. Could _you_ draw us a picture with all of the
>networks (including masks) and gateways?
>--
>Crist J. Clark                           cjclark@alum.mit.edu
>                                         cjclark@jhu.edu
>                                         cjc@freebsd.org

At http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/bridging.html
down near section:

17.3.3.3 Firewall Support

It is mentioned that a firewall option should be enabled to handle non-ip
bridging. Where does the option IPFIREWALL_DEFAULT_TO_ACCEPT go? ipf.rules?

John Holstein
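The kind of typo acknowledged in the quoted reply ("192.168" written for "192.9", and route_1 repeating route_0) can be caught by comparing the rc.conf routes with the subnets that sit behind the router. This is an added example, not part of the original message; the gateway 192.9.200.1, the /24 masks, the subnet lists passed to `audit` and the function names are assumptions.

```python
import ipaddress
import re

# Constructed rc.conf fragment reproducing the routes as typed in the quoted
# reply. The gateway 192.9.200.1 is a placeholder (the thread never gives the
# router's address) and /24 masks are assumed for every network.
RC_CONF = '''
static_routes="0 1 200 205"
route_0="net 192.168.0.0 192.9.200.1"
route_1="net 192.168.0.0 192.9.200.1"
route_200="net 192.168.200.0 192.9.200.1"
route_205="net 192.168.205.0 192.9.200.1"
'''

def parse_static_routes(text, prefixlen=24):
    """Return {name: (destination network, gateway)} for names in static_routes."""
    settings = dict(re.findall(r'^(\w+)="([^"]*)"', text, flags=re.M))
    routes = {}
    for name in settings.get("static_routes", "").split():
        fields = settings[f"route_{name}"].split()
        # fields are: "net" (or "-net"), destination, gateway
        dest = ipaddress.ip_network(f"{fields[1]}/{prefixlen}")
        routes[name] = (dest, ipaddress.ip_address(fields[2]))
    return routes

def audit(text, behind_router, connected):
    """Compare configured routes with the subnets that sit behind the router."""
    routes = parse_static_routes(text)
    wanted = {ipaddress.ip_network(n) for n in behind_router}
    link = ipaddress.ip_network(connected)
    seen, findings = {}, []
    for name, (dest, gw) in routes.items():
        if dest in seen:
            findings.append(f"route_{name} duplicates route_{seen[dest]} ({dest})")
        seen.setdefault(dest, name)
        if dest not in wanted:
            findings.append(f"route_{name} points at {dest}, not a known subnet")
        if gw not in link:
            findings.append(f"route_{name} gateway {gw} is not on {link}")
    for net in sorted(wanted - set(seen)):
        findings.append(f"no route for {net}")
    return findings

if __name__ == "__main__":
    remote = ["192.168.0.0/24", "192.168.1.0/24", "192.9.205.0/24"]
    for line in audit(RC_CONF, remote, connected="192.9.200.0/24"):
        print(line)
```
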