Date: Mon, 24 Jul 2006 10:09:09 +0100 From: Brian Candler <B.Candler@pobox.com> To: Brett Glass <brett@lariat.net> Cc: net@freebsd.org Subject: Re: Multiple NAT router Message-ID: <20060724090909.GB3412@uk.tiscali.com> In-Reply-To: <7.0.1.0.2.20060721105813.0971ae90@lariat.net> References: <7.0.1.0.2.20060721105813.0971ae90@lariat.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Jul 21, 2006 at 11:13:47AM -0600, Brett Glass wrote: > I have an application in which I'd like a FreeBSD router to have > multiple, isolated LANS attached to it, each with the same address > space. The FreeBSD box would take the place of multiple NAT routers. > > For example, I might want to have three internal Ethernet > interfaces on the FreeBSD box. Each would be connected to a LAN > whose internal addresses are 192.168.0.0/24. The FreeBSD box would > do NAT for all of them, and of course they could not "see" one another. FreeBSD won't support this 'out of the box' - because of the problem that you identified of having multiple NICs all with the same address range assigned to them. There's a project called 'vimage' which adds a separate virtual forwarding table per jail. This might work for you, although all the natd's "outside" interfaces would need to sit on the same interface, and I don't know if it can do that. Otherwise - you can run multiple instances of FreeBSD under a virtual machine environment like Xen or VMware, and bridge all the 'outside' interfaces together onto the same NIC. Also - you may still end up with a separate outside IP per vimage or VM, so maybe then you need another NAT instance to NAT all of those onto a single IP address :-) Regards, Brian.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060724090909.GB3412>