Date: Fri, 12 Aug 2005 11:58:16 -0700
From: Julian Elischer <julian@elischer.org>
To: Donatas <donatas@lrtc.net>
Cc: freebsd-net@freebsd.org
Subject: Re: routing problem (with corrected scheme)
Message-ID: <42FCF148.5010400@elischer.org>
In-Reply-To: <027701c59f02$0eb808a0$9f90a8c0@donatas>
References: <026001c59e7a$c6ca69c0$9f90a8c0@donatas> <42FBC0AE.8020803@elischer.org> <027701c59f02$0eb808a0$9f90a8c0@donatas>

Donatas wrote:
> hello,
> I am sorry for a previous diagram that got wrapped.
> If someone could take a look at the picture explaining the problem, I would be thankful.
> ftp://temp:temp@217.9.241.242/routing_problem.jpg - 136Kbytes.
> Short description of a problem: I can't find a way to divert or route inbound traffic to specified ip(vlan) in IP level.
>

Do the users have to have real IP addresses or can they have NAT'd addresses? In other words, do they have INCOMING sessions or just outgoing sessions?

If the latter then you could put a NATD on each of the vlan interfaces on the user router, so that the return packets will automatically go back to the vlan from which they came.

Why do you need DIFFERENT VLANS between the two routers for data that will eventually go to different places? Why can't that decision be made on the core router? Is it just so you can shape traffic between the two routers? Why not do the shaping on the core router?

Actually you should be able to do it with ipfw's 'fwd' rule without NAT.

    ipfw add 1000 fwd ip4 ip from any to ${USER_NETWORK} in recv em0
    ipfw add 1001 fwd ip3 ip from any to ${USER_NETWORK} in recv em1