Date: Sat, 28 Jun 2003 19:52:56 -0300 From: "Han Hwei Woo" <hhwoo@argosy.ca> To: "Keith Spencer" <bsd2000au@yahoo.com.au>, <freebsd-questions@freebsd.org> Subject: Re: A routing/IP/NIC query < Expert required Message-ID: <002801c33dc8$043e6f60$0200a8c0@a7n8x> References: <20030628222540.24302.qmail@web12003.mail.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Sorry, some of the things you said were kind of confusing. 1) Do your xxx.xxx.xxx.* IP's = 10.0.0.*? If not, why bother with the 10.0.0.* IP's? 2) I think you are just setting up a typical NAT configuration, but correct me if I'm wrong. 3) What do you mean by "2 ip live servers inside the firewall" exactly? If you mean you have, for example, a webserver and an ftp server on non-routable IP's on your internal network, you can simply setup ipnat rules to direct them to the right place based on the port. For example: map fxp0 xxx.xxx.xxx.0/24 -> 0/32 rdr fxp0 yyy.yyy.yyy.yyy/32 port 80 -> xxx.xxx.xxx.www rdr fxp0 yyy.yyy.yyy.yyy/32 port 21 -> xxx.xxx.xxx.ftp In any event, additional internal IP aliases on your internal interface will not help you to uniquely identify incoming connections for more than 1 server. ----- Original Message ----- From: "Keith Spencer" <bsd2000au@yahoo.com.au> To: <freebsd-questions@freebsd.org> Sent: Saturday, June 28, 2003 7:25 PM Subject: A routing/IP/NIC query < Expert required > Hi all, > I have a new adsl isp allocating my fbsd 4.7 box a > routable IP (end user ip) > I have 32 (read that as 30) ips of my own to use and > route for my domain. > I have 2 NICs in the gateway/router > How should I setup the IPs and aliases etc. I > figure... > (yyy.yyy.yyy.yyy = ISP end user ip they gave me) > (xxx.xxx.xxx.xx1 = 1st usable ip in my 32 ip range) > (xxx.xxx.xxx.xx2 = 2nd usable ip in my 32 ip range) > > GATEWAY MACHINE > > ADSL MODEM > | > |---------|--------| > | yyy.yyy.yyy.yyy | > | xxx.xxx.xxx.xx1 | > | | | > | fxp0 NIC | > | | > | | > | dc0 NIC | > | | | > | 10.0.0.1 | > | | > |__________________| > > Or do I also need an xxx.xxx.xxx.xx3 alias on the dc0 > because I have 2 ip live servers inside the firewall. > I think I do! Am I right or am I right? > I have ipfilter on this machine with ipnat setup tonat > the 10.0.0.0 addresses. > Also, I suppose I could setup ipnat to do mapping of > xxx.xxx.xxx.xxn addresses into 10.0.0.n private > address. > what say you? > Thanks > Keith > > > > > > > > > > > > http://mobile.yahoo.com.au - Yahoo! Mobile > - Check & compose your email via SMS on your Telstra or Vodafone mobile. > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?002801c33dc8$043e6f60$0200a8c0>