From owner-freebsd-isp  Wed Sep 30 09:41:15 1998
Return-Path: <owner-freebsd-isp@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id JAA00686
          for freebsd-isp-outgoing; Wed, 30 Sep 1998 09:41:15 -0700 (PDT)
          (envelope-from owner-freebsd-isp@FreeBSD.ORG)
Received: from whistle.com (s205m131.whistle.com [207.76.205.131])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id JAA00665
          for <freebsd-isp@FreeBSD.ORG>; Wed, 30 Sep 1998 09:40:58 -0700 (PDT)
          (envelope-from archie@whistle.com)
Received: (from smap@localhost) by whistle.com (8.7.5/8.6.12) id JAA07313; Wed, 30 Sep 1998 09:40:43 -0700 (PDT)
Received: from bubba.whistle.com(207.76.205.7) by whistle.com via smap (V1.3)
	id sma007311; Wed Sep 30 09:40:31 1998
Received: (from archie@localhost) by bubba.whistle.com (8.8.7/8.6.12) id JAA26226; Wed, 30 Sep 1998 09:40:31 -0700 (PDT)
From: Archie Cobbs <archie@whistle.com>
Message-Id: <199809301640.JAA26226@bubba.whistle.com>
Subject: Re: IPFW, Dual network cards
In-Reply-To: <3612702d.118121810@smtp.shellnet.co.uk> from Steven Fletcher at "Sep 30, 98 05:53:58 pm"
To: steven@shellnet.co.uk (Steven Fletcher)
Date: Wed, 30 Sep 1998 09:40:31 -0700 (PDT)
Cc: freebsd-isp@FreeBSD.ORG
X-Mailer: ELM [version 2.4ME+ PL38 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Steven Fletcher writes:
> We've been running a combination of IPFW, NATD and IPLTD for some time
> now - very successfully I might add - at controlling bandwidth and
> using IP translation for our internal computers.
> 
> However we're attempting to make this a little more secure (as
> changing IP and gateway is a bit easy :>) and would like to know if
> possible the following:
> 
> 1) Will FreeBSD (3.0-19980804-SNAP) allow us to physically separate
> the network by placing 2 network cards in the machine and connecting
> one to each of our switches? Do I need anything such as routed to be
> running?

Are you talking about bridging or routing? If the former, yes but
with some work (ie, kernel patches). If the latter, just edit rc.conf
to enable IP forwarding and set up your routes. You don't need routed.

> 2) If so, can this network setup route other protocols - i.e Windows
> NetBEUI traffic or IPX setup? (I'm really looking for a 'no' answer
> here - if yes can it be stopped?)

FreeBSD doesn't do that stuff.. it has some vestigial code in the
kernel but nobody uses it and it's disabled by default.

-Archie

___________________________________________________________________________
Archie Cobbs   *   Whistle Communications, Inc.  *   http://www.whistle.com

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message