From owner-freebsd-current  Wed Dec  2 15:50:29 1998
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id PAA22359
          for freebsd-current-outgoing; Wed, 2 Dec 1998 15:50:29 -0800 (PST)
          (envelope-from owner-freebsd-current@FreeBSD.ORG)
Received: from resnet.uoregon.edu (resnet.uoregon.edu [128.223.144.32])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id PAA22354
          for <freebsd-current@FreeBSD.ORG>; Wed, 2 Dec 1998 15:50:27 -0800 (PST)
          (envelope-from dwhite@resnet.uoregon.edu)
Received: from localhost (dwhite@localhost)
          by resnet.uoregon.edu (8.8.8/8.8.8) with ESMTP id PAA27304;
          Wed, 2 Dec 1998 15:49:58 -0800 (PST)
          (envelope-from dwhite@resnet.uoregon.edu)
Date: Wed, 2 Dec 1998 15:49:57 -0800 (PST)
From: Doug White <dwhite@resnet.uoregon.edu>
To: andrea <andrea.franceschini@linet.it>
cc: freebsd-current@FreeBSD.ORG
Subject: Re: ip-masquerading.natd,ip-aliasing ....
In-Reply-To: <003701be1df4$ee86f400$4d18b9c2@oma.linet.it>
Message-ID: <Pine.BSF.4.03.9812021545490.17752-100000@resnet.uoregon.edu>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Wed, 2 Dec 1998, andrea wrote:

> I'm looking for a way to configure my  intranet using natd.
> The problem is that the configuration that i need is a little unsual and i
> wonder if is applicable.
> 
> The configuration is as follow:
> 
> On the Same LAN :
> 
> 1 - Web Server (with routable Ip-address)
> 2 - Mail Server ( ""           ""         ""            )
> 3 - 1 router connected to the InterNet.
> 4 - Many other boxes with not Routeble ip addresses (192.168.. )
> 
> So i have 2 subnet on the same phisical net.
> 
> What i'm wondering is:
> 
> It's possible to share in the same phisical Lan( eg without gateway
> with 2+ Ether Card) between 2 networks?

If you want to use natd, you should use it's redirect_port feature instead
of mixing the networks.  This way you get the filtering feature of natd
protecting your mail and web server.  The downturn is that you loose
flexibility on your web server -- if you add services you'll have to set
up redirect rules for it.

I don't know how fancy your router is, if it can be taught to natd certain
packets or not (I think ipfw can do it, not sure).

> I'have tried assigning 2 ip address at the same interface ,and using
> this machine as a gateway on the same phisical net.

You have to use an alias (with the netmask of that network, not
0xffffffff) on the interface to get the second IP programmed in.

Doug White                               
Internet:  dwhite@resnet.uoregon.edu    | FreeBSD: The Power to Serve
http://gladstone.uoregon.edu/~dwhite    | www.freebsd.org


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message