Date: Wed, 9 Aug 2000 15:30:58 -0400 From: "Wayne Sheppard" <mrwayne@mindspring.com> To: <freebsd-newbies@FreeBSD.org> Subject: Bridging and IPs? Message-ID: <004d01c00238$79dfad20$6901a8c0@cwayne>
next in thread | raw e-mail | index | archive | help
I've got a two computers, two IPs, and a cablemodem. My Windows computer needs (from what I understand) a public IP so I can VPN to work. Otherwise I'd use NAT. In the simplest configuration, I'd just put a hub on the cablemodem and attach both the Windows and FreeBsd computers to the hub. This should work, but I haven't tested it yet (I don't have a 10mb hub). The only problem with this is I don't have a firewall. Another possible configuration would be a bridged setup. The FreeBSD box would be dual-honed, acting as a firewall and bridge. The Windows box would connect on one interface, with the cablemodem on the other interface. Here is what I found in the Handbook: ================================ 16.3.2.2. Filtering/traffic shaping firewall The second common situation is where firewall functionality is needed without IP Masquerading (NAT). An example is a small company that is connected via DSL or ISDN to their ISP. They have a 13 address global IP allocation for their ISP and have 10 PCs on their network. In this situation, using a router-based firewall is difficult because of subnetting issues. A bridge-based firewall can be configured and dropped into the path just downstream of their DSL/ISDN router without any IP numbering issues. [...] 16.3.6. Other information If you want to be able to telnet into the bridge from the network, it is OK to assign one of the network cards an IP address. The consensus is that assigning both cards an address is a bad idea. ================================ Maybe I should just take the plunge and compile the bridging options into my kernel, but I'm just a newbie and want to understand what I am doing first. I'm confused by the 16.3.6 section. - What do I assign an IP to, the internal or external interface? - Is there any good information on Bridging setup? - Will I be able to access the bridge computer (the FreeBSD box) from both the internal Win98 box and the internet? - Is it possible to use VPN through NAT? (I don't think so) - Would I just be better off with the simple config, skipping the bridge and firewall? Wayne To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-newbies" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?004d01c00238$79dfad20$6901a8c0>