From owner-freebsd-isp Wed May 16 1:58: 3 2001 Delivered-To: freebsd-isp@freebsd.org Received: from mail.nsvis.dk (mail.nsvis.dk [194.239.250.155]) by hub.freebsd.org (Postfix) with SMTP id 48DFF37B423 for ; Wed, 16 May 2001 01:57:59 -0700 (PDT) (envelope-from marius@sorteberg.no) Received: from goppus.overalt.no [62.179.189.29] by mail.nsvis.dk (SMTPD32-4.07) id A2533D2014A; Wed, 16 May 2001 11:03:15 +0000 Content-Type: text/plain; charset="iso-8859-1" From: Marius Sorteberg To: Brent Rector , freebsd-isp@freebsd.org Subject: Re: Routing, IPFW, and/or Bridging??? Date: Wed, 16 May 2001 10:57:33 +0200 X-Mailer: KMail [version 1.2] References: <20010516.7280269@cr565151-a.vc.shawcable.net> In-Reply-To: <20010516.7280269@cr565151-a.vc.shawcable.net> MIME-Version: 1.0 Message-Id: <01051610573300.00325@goppus.overalt.no> Content-Transfer-Encoding: 8bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Take a look at this FAQ. http://www.schlacter.dyndns.org/public/FreeBSD-STABLE_and_IPFILTER.html It will get you started on a FreeBSD/IPfilter setup. Then read the IPfilter FAQ "http://www.obfuscation.org/ipf/ipf-howto.txt "to learn how to use redirection and IPNAT. You should also take a look at the IPfilter homepage, and the mailling list archive "http://coombs.anu.edu.au/~avalon/ip-filter.htm" I'm a newbee to IPfilter, but by using the above links, managed to set up a network with two "outside" NIC's, to different ISP's, and a DMZ on the inside of the firewall. Marius On Wednesday 16 May 2001 09:28, Brent Rector wrote: > Good Day Everyone! > > I have been reading and reading, and still am a little confused on what > path I should take. > > I am the admin for a couple of smallish ISP's. We are currently running > approximately 7 servers of various FreeBSD releases. We have 2 different > blocks of 32 IP's on two different subnets 209.17.xxx.xxx and > 216.18.10.xxx. Through one upstream provider... > > What I would like to do is setup another box running BSD to act as a > router/firewall kind of setup, and put all the machines on the protected > side. > > 1. Can I somehow route both blocks of IP's through one machine? (2 > different NIC cards installed). And still be able to use the public IPS > on the inside... Web, Mail, DNS, SSL etc.... > > 2. Can we still use the (public) IP's we have already setup on the > servers we are presently using? Or do I need to do some translation? > > 3. What setup would you recommend? Ipfw/natd? Bridge/ipfw? Or perhaps > some other combination.... > > Any help would be appreciated.... > > Brent Rector > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message