Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 24 Jan 2000 08:18:46 -0500
From:      Coleman Kane <cokane@one.net>
To:        ROGIER MULHUIJZEN <MULHUIJZEN@PZH.NL>
Cc:        freebsd-stable@freebsd.org, mylists@inr.net
Subject:   Re: Multiple IP addresses
Message-ID:  <20000124081846.A22713@evil.2y.net>
In-Reply-To: <s88c3bfa.028@smtp.pzh.nl>; from MULHUIJZEN@PZH.NL on Mon, Jan 24, 2000 at 05:53:19AM -0500
References:  <s88c3bfa.028@smtp.pzh.nl>
next in thread | previous in thread | raw e-mail | index | archive | help 
Easy. To build a firewall of machines that you still want to map unique internet
IPs to. I use a nice AMD 5x86 160 to do the job, with OpenBSD. It works rather
nicely. I am given 8 IP#'s by my DSL ISP, after broadcast, network, and router
that number goes down to 5. I basically map everything through one box and have
a sever on the outside, we have an internal network where nome machines get
mapped by NAT and three get a dedicated IP mapping. It's like this:

172.16.0.9 ---\                10.131.21.178 --\
172.16.0.10 --->172.16.0.1 <-> 10.131.21.179 ---> 10.131.21.177 --> Outside
172.16.0.39---/                10.131.21.180 --/       ^
                               10.131.21.182 -/    10.131.21.181
																   Server, outside
                                                   firewall
All the addresses 10.131.21.177-10.131.21.182 are addresses my ISP
maps directly to outside internet addresses. I have the four above mapped to one
ethernet port of the firewall, and have it map certain IP's to them,
172.16.0.9-172.16.0.11. Of course, there is no .11 above, but you get the idea.
Anything out of that range simply uses NAT. I also have DHCP set up to
automatically assign certain IPs based on ethernet HW ID, but that's a story for
another time....
--cokane
                               
ROGIER MULHUIJZEN had the audacity to say:
> >The scenario I have setup is as follows, the server (xl0) has been
> assigned
> >the IP address of yyy.yyy.yyy.8 and the I route an entire Class C to
> that
> >interface in the router, e.g.
> >ip route xxx.xxx.xxx.0 255.255.255.0 yyy.yyy.yyy.8
> 
> BTW, I'm just being curious here, why would you want to bind an entire
> class C subnet to a single machine? To me it seems like a total waste of
> precious real estate (until IPv6 becomes the standard).
> 
>            DocWilco
> 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-stable" in the body of the message


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000124081846.A22713>