From: Julian Elischer
Date: Wed, 18 Mar 2009 20:49:44 -0700
To: Lin Zhao
Cc: freebsd-ipfw@freebsd.org
Subject: Re: pls help on 3 interfaces

Lin Zhao wrote:
> hi all, wish my english is enough :-)
> my freebsd has 3 interfaces, like this,
>
>          ----                             ----switch1
>             |         ----------  fxp0    |
>             |        |          |---------
> internal    |--------|freebsd71 |
>             |  rl0   |          |---------
>             |         ----------  fxp1    |
>          ----                             ----switch2

First set your routing table so that the 'special' addresses go via
switch2, then set up NAT as follows:

like this:

         ----                             ----switch1
            |         ----------  fxp0    |
            |        |   NAT1(*)|---------
internal    |--------|freebsd71 |
            |  rl0   |      NAT2|---------
            |         ----------  fxp1    |
         ----                             ----switch2

(*) If you want, NAT1 may be left out if you use routable addresses on
your internal network.

The reason for the NAT is to make sure that outgoing packets have a
source address that will make the return packets come back through
switch2; otherwise, even if you have a route making the outgoing packets
go via switch2, the return packets will still come back via switch1.

>
> we're in the internal and want to visit outside
> we use fxp0 for default outside address and it works well
> but for some reason, i want to use fxp1 for some special outside address
> how can i do for it?
> thanks a lot.
>
>
> Lin Zhao
> SCGY,USTC,PRC
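
One way to write the advice in the reply above as FreeBSD configuration, added here as an example and not taken from the thread. It assumes ipfw's in-kernel NAT is available and the default `net.inet.ip.fw.one_pass=1`; the prefix 203.0.113.0/24 and next hop 198.51.100.1 are constructed placeholders.

```conf
# --- /etc/rc.conf (fragment) ---
gateway_enable="YES"                 # forward packets between rl0 and the uplinks
firewall_enable="YES"
firewall_type="/etc/ipfw.rules"      # ruleset file below, read by ipfw(8)
# Constructed placeholders: 203.0.113.0/24 stands for the 'special' outside
# addresses, 198.51.100.1 for the next hop reached through fxp1 (switch2).
# The existing default route keeps pointing at the gateway behind fxp0.
static_routes="special"
route_special="-net 203.0.113.0/24 198.51.100.1"

# --- /etc/ipfw.rules ---
# NAT1 on fxp0 (optional if the internal network uses routable addresses),
# NAT2 on fxp1. "if" makes each instance alias to that interface's address.
nat 1 config if fxp0 same_ports
nat 2 config if fxp1 same_ports
# "via" matches both directions: outbound packets leave with the address of
# the interface the routing table chose, and replies arriving on that same
# interface are translated back to the internal host.
add 100 nat 1 ip from any to any via fxp0
add 200 nat 2 ip from any to any via fxp1
# Filtering is outside the scope of the thread; remaining traffic is passed.
add 65000 allow ip from any to any
```

To check the return path, watch `tcpdump -ni fxp1 net 203.0.113.0/24` while an internal host connects to a 'special' address: both directions should appear on fxp1, with fxp1's address as the local endpoint.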