Date: Mon, 8 Mar 2004 18:02:21 +0000 From: Wayne Pascoe <freebsd-feb@penguinpowered.org> To: freebsd-questions@freebsd.org Subject: Alias in different subnet on card Message-ID: <20040308180221.GA19486@marvin.penguinpowered.org>
next in thread | raw e-mail | index | archive | help
Hi all, I'm running a firewall at the moment using FreeBSD 5.2.1 and IPFW. I have 3 interfaces in the machine. I need to be able to firewall a 4th range of IP's. I have tried to do this by adding an alias to xl1, but this hasn't worked. If I add the alias with a mask of 255.255.255.255, no other machine can ping the alias. I also see the following in /var/log/messages Mar 8 18:02:13 styx-tmp kernel: arplookup 19x.xxx.xxx.196 failed: host is not on local network The primary IP on xl 1 is currently 19x.xxx.xxx.1 and the mask on there is 255.255.255.128 (/25) If I add the alias with a mask of 255.255.255.240 (/28) which is the correct mask for this subnet, and the mask that all other machines use, then I am able to ping this address. However, at this point, no forwarding appears to take place for machines using this IP address as their default route. Is there any way to use an alias to do firewalling like this or do I have to get another network card? The problem with another network card is that will mean a whole new machine as I'm out of slots in this one. Thanks in advance ? -- Wayne Pascoe Microsoft complaining about the source license used by Linux is like the event horizon calling the kettle black - adamba on k5
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040308180221.GA19486>