From owner-freebsd-questions@FreeBSD.ORG Tue Apr 19 17:50:55 2005
Return-Path:
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id F227516A4CE
	for ; Tue, 19 Apr 2005 17:50:55 +0000 (GMT)
Received: from ns1.tiadon.com (SMTP.tiadon.com [69.27.132.161])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 9D9A643D62
	for ; Tue, 19 Apr 2005 17:50:55 +0000 (GMT)
	(envelope-from kdk@daleco.biz)
Received: from [69.27.131.0] ([69.27.131.0]) by ns1.tiadon.com with
	Microsoft SMTPSVC(6.0.3790.211); Tue, 19 Apr 2005 12:52:24 -0500
Message-ID: <426544FB.60801@daleco.biz>
Date: Tue, 19 Apr 2005 12:50:51 -0500
From: Kevin Kinsey
User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.7.3) Gecko/20041210
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: Ash
References: <42652A3B.2080502@mail.ru> <4265306A.7000207@speakeasy.net>
In-Reply-To: <4265306A.7000207@speakeasy.net>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-OriginalArrivalTime: 19 Apr 2005 17:52:25.0265 (UTC) FILETIME=[8B83C210:01C54508]
cc: errmaker@mail.ru
cc: freebsd-questions@freebsd.org
Subject: Re: gateway troubles
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
X-List-Received-Date: Tue, 19 Apr 2005 17:50:56 -0000

Ash wrote:

> Alex wrote:
>
>> hi !
>> i have fbsd 5.3 router with gateway_enable="YES >>/etc/rc.conf
>> and 3 interfaces:
>> 1. xl0 (mynet)
>> 2. rl0
>> 3. tun0 (internet) cuaa0
>>
>> i need to get work router from mynet to rl0 net and internet .
>> i want to do that without natd but net.inet.ip.forwarding=1 work
>> only on one physical interface :) i need to get work gateway
>> between 3 interfaces . what i need to do ?
>
>
>
> In order to route traffic between your local network and the Internet
> WITHOUT using NAT, then your ISP needs to assign a routeable public
> subnet to you as well as at least one address on a segment shared
> with one of their routers. Somehow, I get the feeling that this isn't
> the case so probably will need to use NAT.
>
> FreeBSD gives you a few choices when it comes to building a
> router/firewall box. As always the handbook is the best place to start:
>
> http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/firewalls.html
>
> Incidentally, the handbook is available in multiple languages:
>
> http://www.freebsd.org/doc/
>

I've left Ash's info in, since a pointer to the handbook is always a
Good Thing(tm) in the best of FreeBSD's traditions...

I notice your WAN link is tun0 ... are you using userland ppp(8)?
Because ppp has a -nat switch and, AFAIK, it doesn't care where else
on the box your packets are coming from.

I use "ppp -nat -background myisp" to call ppp and everybody gets
along fine ... except for the low bandwidth... :-(

HTH,

Kevin Kinsey