From: Mike Jackson
To: freebsd-questions@freebsd.org
Date: Sat, 4 Oct 2003 19:06:31 +0300
Subject: bridging multiple interfaces
Message-ID: <20031004160631.GA13376@isorauta.ntc.nokia.com>

Hi,

I would like to ask for some advice on configuring my home network, with a FreeBSD 5.1 being the main player. In a nutshell, I want to route wired and wireless traffic through my FBSD box, do some ipfw, perhaps IPSec, and some bandwidth shaping, and finally send the traffic out to the internet.

I have an ADSL router/switch with a public IP, running NATD. I have a 5.1 box with three interfaces:

- Netgear MA301 (wi0)
- 3Com 905b (xl0)
- 3Com 905b (xl1)

wi0 is bridged to xl1, so that wireless boxes can connect to the internet. xl0 is plugged into a 5-port switch, and is turned down.

The current configuration is:

- pc1 (5.1 box) is plugged into the ADSL switch
- pc2 (linux box) is plugged into the ADSL switch
- pc3 (win2k laptop) is using pc1 (wi0) as its wireless access point

The desired configuration is:

- pc1 (xl1) is plugged into the ADSL switch
- pc1 (xl0) is plugged into the 5-port switch
- pc2 is plugged into the 5-port switch
- pc3 is using pc1 (wi0) as its wireless access point
- pc1 is serving DHCP in xl0 and wi0
- all machines plugged into the 5-port switch can access internet
- all machines using pc1 (wi0) as wireless access point can access internet
- pc1 (wi0) is only accessible via IPSec
- pc1 (wi0 and xl0) or xl1 doing bandwidth shaping
- preferable to be able to limit bandwidth per workstation

I tried to bridge both xl0 and wi0 to xl1, but the network just stopped completely and I had to reboot the machine. And I'm not even sure if this is the correct or best approach.

Any suggestions?

Thanks!

--
mike