From owner-freebsd-questions@FreeBSD.ORG Fri Oct 10 08:17:37 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CC62316A4B3 for ; Fri, 10 Oct 2003 08:17:37 -0700 (PDT) Received: from p1028-ipbffx02marunouchi.tokyo.ocn.ne.jp (p1028-ipbffx02marunouchi.tokyo.ocn.ne.jp [220.111.132.28]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5A4E843F93 for ; Fri, 10 Oct 2003 08:17:36 -0700 (PDT) (envelope-from lukek@meibin.net) Received: (qmail 96506 invoked by uid 89); 10 Oct 2003 15:16:54 -0000 Received: from unknown (HELO ?192.168.10.8?) (192.168.10.8) by 192.168.20.5 with SMTP; 10 Oct 2003 15:16:54 -0000 Date: Sat, 11 Oct 2003 00:11:23 +0900 From: Luke Kearney To: Ian Moore In-Reply-To: <200310102329.08549.imoore@picknowl.com.au> References: <200310102329.08549.imoore@picknowl.com.au> Message-Id: <20031011000520.A57B.LUKEK@meibin.net> MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit X-Mailer: Becky! ver. 2.07.01 cc: freebsd-questions Subject: Re: ADSL modem & ip addresses X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 10 Oct 2003 15:17:37 -0000 Hi, You need a single machine with two nics to setup as a firewall machine. You should not require a second IP address. If you google for howtos on setting up FreeBSD as a gateway machine/sharing cable/sharing adsl etc etc you will find heaps of easy to follow articles. Furthermore, if your provider will give you a choice then the hardware IMHO of choice is a DSL bridge. Run PPPoE from the FreeBSD machine. FWIW I went from having /29 to a single address and there was a little initial pain in getting the NAT/routing setup appropriately but after pulling out lots of hair it finally works. Whilst on the subject, the kind of stress and overhead that PPPoE puts on a FreeBSD machine is negligible. I have a fibre connection which at times hits 70Mb and the machine ( a lazy PII 300 w 256Mb of RAM ) never gets above 15% CPU usage. So any old machine you have lying around in bits will probably do very nicely. HTH LukeK On Fri, 10 Oct 2003 23:29:08 +0930 Ian Moore spake thus: > Hi, > I'm organising an ADSL connection and I'm a bit confused about our options. > > We need to provide web, ssh and mail access to our network for users from home > across the Internet with an ADSL connection. > I figure the best way to do this is to setup a new machine to act as a > firewall and run a web server & sendmail on this box. (or I have seen > something about using socket to divert these services to our existing server > which has a private address). > The firewall would have a NIC with a private IP address to connect to the rest > of our network. > > What's the best way then to connect it to the ADSL line? > Do we have a second NIC in the firewall machine with a real IP address > connected to an ADSL modem and use ppp -natd on that interface? Does that > mean we'd need 2 static IP addresses - one for the firewall & one for the > modem? (We really don't want to pay for 2 addresses) > > Or can we use a USB connection instead - are there FBSD drivers for ADSL > modems? I can't see any in the supported hardware list. > > Or do we use a combined modem/router device to do the nat & firewalling and > have it redirect mail, web & ssh access to our main server? (is that possible > or do such devices not allow access into the network from the 'net?) > > Cheers, > Ian > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" -- Luke Kearney