From owner-freebsd-questions Mon Jan 24 18:43:16 2000 Delivered-To: freebsd-questions@freebsd.org Received: from mail.enteract.com (mail.enteract.com [207.229.143.33]) by hub.freebsd.org (Postfix) with ESMTP id 089431597D for ; Mon, 24 Jan 2000 18:43:13 -0800 (PST) (envelope-from jim@nasby.net) Received: from nasby.net (sysnasby@2.nasby.dsl.enteract.com [216.80.51.18]) by mail.enteract.com (8.9.3/8.9.3) with ESMTP id UAA03395 for ; Mon, 24 Jan 2000 20:43:11 -0600 (CST) (envelope-from jim@nasby.net) Message-ID: <388D0DBF.7D430FB8@nasby.net> Date: Mon, 24 Jan 2000 20:43:11 -0600 From: "Jim C. Nasby" Organization: distributed.net X-Mailer: Mozilla 4.7 [en] (WinNT; U) X-Accept-Language: en-US,en MIME-Version: 1.0 To: questions@freebsd.org Subject: Re: ipfw, multiple ISDN TAs, munging routes automagically References: <20000124193455.A55129@catkin.nothing-going-on.org> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Not to pick nits, but if the two were actually bonded, you wouldn't need to do this, correct? Nik Clayton wrote: > > Hi folks, > > I *think* ipfw can do this. But before it to a client, can someone > confirm for me whether or not the following is possible. > > Consider a network, with a FreeBSD (probably -stable, but I can use > -current if absolutely necessary). The FreeBSD host has 3 interfaces; > a regular ethernet interface, and two ISDN terminal adapters, both > doing ISDN B channel bonding, for a total of 256 Kbps. > > Now, what we want is for one half of the external network traffic > to automatically go up one of the ISDN TAs, and the other half to > go out of the other TA. Each TA will have a different IP address > assigned to it. > > I don't think I can do this with regular routing. Correct me if I'm > wrong on this, but I'm pretty certain about it. > > So I've got the following evil plan in mind. > > Run ipfw on the FreeBSD machine, with 2 rules. Both rules look at the > source address of the packet. If the source address is in the first 50% > of addresses on the internal network, then use a 'fwd' ipfw rule to > forward the packet on to the first ISDN TA. If the source address is in > the second half of the internal network, use a 'fwd' rule to send it out > to the second TA. > > Oh yeah, and I'll be doing NAT at the same time. > > When you've finished retching from this gross hack (which will only be > used for a couple of weeks until the fibre is laid), can anyone confirm > or deny whether or not the above will actually work? I don't see > anything in ipfw(8) which would preclude it, but I thought I'd check > just in case. > > Cheers, > > N > -- > If you want to imagine the future, imagine a tennis shoe stamping > on a penguin's face forever. > --- with apologies to George Orwell > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message -- Jim C. Nasby (aka Decibel!) /^\ jim@nasby.net /___\ Freelance lighting designer and database developer / | \ Member: Triangle Fraternity, Sports Car Club of America /___|___\ Give your computer some brain candy! www.distributed.net Team #1828 Get paid to surf!! http://www.enteract.com/~nasby/alladvantage.html To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message