From owner-freebsd-net@FreeBSD.ORG Fri Sep 3 13:45:56 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2B37F16A4CF for ; Fri, 3 Sep 2004 13:45:56 +0000 (GMT) Received: from wjv.com (fl-65-40-24-38.sta.sprint-hsd.net [65.40.24.38]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6F8E843D49 for ; Fri, 3 Sep 2004 13:45:55 +0000 (GMT) (envelope-from bv@bilver.wjv.com) Received: from bilver.wjv.com (localhost.wjv.com [127.0.0.1]) by wjv.com (8.12.11/8.12.11) with ESMTP id i83DjrBi050885 for ; Fri, 3 Sep 2004 09:45:54 -0400 (EDT) (envelope-from bv@bilver.wjv.com) Received: (from bv@localhost) by bilver.wjv.com (8.12.11/8.12.11/Submit) id i83Djr4P050884 for freebsd-net@freebsd.org; Fri, 3 Sep 2004 09:45:53 -0400 (EDT) (envelope-from bv) Date: Fri, 3 Sep 2004 09:45:43 -0400 From: Bill Vermillion To: freebsd-net@freebsd.org Message-ID: <20040903134543.GB50526@wjv.com> References: <413763C1.90208@bronzedragon.net> <2755213000.20040903102918@star-sw.com> <41385003.1080904@bronzedragon.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <41385003.1080904@bronzedragon.net> Organization: W.J.Vermillion / Orlando - Winter Park ReplyTo: bv@wjv.com User-Agent: Mutt/1.5.6i Subject: Re: 3 NICs - 1 upstream, 2 downstream to same subnet?? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: bv@wjv.com List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 03 Sep 2004 13:45:56 -0000 On Fri, Sep 03, 2004 at 07:05 , RRrp Toren moved his mouse, rebooted for the change to take effect, and then said: > Nickolay A. Kritsky wrote: > > >Hello rip, > > > >Are you sure that you want only one subnet? In your case two different > >subnets on two interfaces IMHO look much better. If you are sure about > >one-subnet setup than you should try to set up a bridge(4) between > >them two NICs. Bridge in FreeBSD is supporting ipfw filtering, so > >you can still complete your security goals. > No, I am nor sure. I tried using 11.x.x.x on the xl0, but all > routing out of the machine stopped along there somewhere. It > may have been the xl drivers that don't seem to play well with > multiple copies running. The 11.x.x.x network belongs to the Department of Defense. Be sure to use only number allocated for private use. Thats the complete 10.x.x.x, 17.16.x.x to 17.31.255.255 and 192.168.x.x. Using addresses outside the private address space can mislead you when routers take the date elsewhere. -- Bill Vermillion - bv @ wjv . com