Date: Thu, 29 May 2003 11:19:28 -0600
From: Gary Aitken <freebsd@dreamchaser.org>
To: Vince Hoffman <Vince.Hoffman@uk.circle.com>
Cc: questions@freebsd.org
Subject: Re: DSL router when what I need is a bridge; ARP problem?
Message-ID: <3ED64120.3070607@dreamchaser.org>
References: <3500515B75D9D311948800508BA37955014BDB96@EX-LONDON>
>If I've understood you correctly you want to join two separate physical
>network segments on the same subnet using the FreeBSD box.
>
>Since the join is the FreeBSD box then getting that to bridge the two
>nics should work (assigning an IP to one if needed.)
>Otherwise you'll need some more routes and to make things more complex,
> a working example that I have in use (wanted to firewall a class c but
>was supplied with a managed router as .1 and didn't want to use bridging.)
>The router and firewall's routerside nic have a .252 netmask (subnet of
>.1 and .2) the router (.1) has a static route of x.y.z.0/24 via .2
>(firewall's external nic) the firewall has .1 as
>its default route. rest of class c has firewall's other nic (.194 for
>no good reason) as default route.
>
>

This is basically what I have set up. Unfortunately, the router box in
question, a cisco 678 DSL modem, doesn't do its routing job correctly,
and instead of forwarding packets via the (.2 in your case) firewall's
external network interface, queries that network looking for a direct
connection to the destination host. According to the arp man page, arp
should make it possible for the firewall to handle this request, but it
isn't. If the firewall would pass its own (.2 in your case) ethernet
address as a proxy for the requested internal host, the router would
send the packet to the firewall, which would then forward it appropriately.

Gary
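The proxy-ARP decision discussed in this message, modelled as an added example (not code from the thread or from FreeBSD). The 192.0.2.0/24 addressing, the MAC addresses and the function names are constructed for illustration; the thread gives only the host parts .1, .2 and .194.

```python
import ipaddress

# Constructed addressing in the 192.0.2.0/24 documentation range.
# Routes as seen from the firewall: (prefix, egress interface).
ROUTES = [
    (ipaddress.ip_network("192.0.2.0/30"), "outside"),  # .252 link: router .1, firewall .2
    (ipaddress.ip_network("192.0.2.0/24"), "inside"),   # rest of the class C
    (ipaddress.ip_network("0.0.0.0/0"), "outside"),     # default route via .1
]
# Firewall's own address and (constructed) MAC on each interface.
OWN = {
    "outside": ("192.0.2.2", "02:00:00:00:00:02"),
    "inside": ("192.0.2.194", "02:00:00:00:00:c2"),
}


def egress_interface(ip):
    """Longest-prefix match over ROUTES; returns the interface name."""
    addr = ipaddress.ip_address(ip)
    matches = [(net.prefixlen, ifname) for net, ifname in ROUTES if addr in net]
    return max(matches)[1]  # the default route guarantees at least one match


def arp_reply(target_ip, arrived_on):
    """MAC the firewall answers with for 'who-has target_ip', or None to stay silent."""
    own_ip, own_mac = OWN[arrived_on]
    if target_ip == own_ip:
        return own_mac  # ordinary ARP for the firewall's own address
    if egress_interface(target_ip) != arrived_on:
        return own_mac  # proxy: the host is reached through another interface
    return None         # same wire: the real owner answers for itself


if __name__ == "__main__":
    # The router ARPs on the outside wire for an internal host instead of
    # using its static route; the proxy reply steers the frame to the firewall.
    for ip in ("192.0.2.50", "192.0.2.1", "198.51.100.7"):
        print(ip, "->", arp_reply(ip, "outside"))
```

Because the rule answers for every address routed out a different interface, the firewall also claims off-net destinations when asked on the inside wire; restricting proxy replies to named prefixes narrows that.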