Date: Fri, 15 Nov 2002 12:03:21 +0100
From: "Marcin M. Jessa"
To: freebsd-isp@freebsd.org, freebsd-questions@freebsd.org
Subject: Network Troubles.
Message-ID: <20021115110321.GA4024@yazzy.org>
Reply-To: "Marcin M. Jessa"
Organization: ezUnix.org
X-Operating-System: FreeBSD 4.7-RELEASE i386

Hi guys.

I have two subnets with static public IPs. Both point to my hardware SDSL router. One is 80.123.16.64-80.123.16.71 with 80.123.16.65 as the router IP and the other 123.234.173.128-255 with 123.234.173.129 as the router IP.

I have a LAN behind my firewall. It uses 80.123.16.66 to talk to the outside. 80.123.16.66 resides on one NIC with a couple of extra 80.123.16.64/224 IPs aliased on it. I run natd and NAT these IPs to misc services behind my firewall.

When I add both 80.123.16.66 and 123.234.173.130 to my firewall I can connect to and from my LAN fine. I can ping both IPs from inside and outside and connect to the services on my DMZ and to my LAN boxes.

But I also have a few boxes on the 123.234.173.128/128 subnet connected directly to my switch which is connected to the router. When I add 123.234.173.130 to a separate NIC on my firewall, I cannot talk to the other boxes on that subnet anymore, even though they are not connected to my firewall but directly to a hub. Every connection attempt from the LAN or outside fails. But then I can speak to 123.234.173.130 just fine.

One more thing. I have 80.123.16.68 also connected directly to my switch and it works just fine.

I am pretty confused. Any idea what can cause that?

INTERNET -> Router with 80.123.16.64-71 & 123.234.173.128-255 -> 3com Switch -> Firewall with 80.123.16.66, 80.123.16.67, 80.123.16.69 & 123.234.173.130 -> Lan & DMZ
                                                                      x
                                                                      |
                                                                      |
                                                                      |
                                                                      x
                  A few boxes with public IPs - on both 80.123.16.64-71 & 123.234.173.128-255 and firewalling directly on them.

Another thing, can I run natd on two different NICs? Something like natd_interface="dc1 xl0" ? I want LAN and DMZ to use 2 different gw IPs.

Thanks in advance.

YazzY