RE: Virtual Network Interfaces
- From: "Raymond Wagner" <wagnerrp@xxxxxxxxxxxx>
- Date: Tue, 31 Oct 2006 11:10:47 -0500
I was expecting replies to come back from freebsd-net@xxxxxxxxxxx, so I
didn't see your response until now. I want to keep the two networks
separate, so I don't want to bridge the internal and external directly.
Besides, since I have more machines than available IPs, I would have to
assign the internal-only machines to addresses that may not be available. I
want to avoid such addressing overlaps.
Your other method is that I keep NAT on the internal interface as normal,
and then create VLANs, bridged to the external interface, to each computer
with an external IP. Those machines would communicate as normal on the
internal network, but use the VLAN interface for external access. I've not
used VLANs before, so I don't know exactly how they work. I know the
wrapper causes some overhead, and my switch drops packets >1500 bytes. Do I
have to lower the MTU on the internal network, or just the VLANs and
external? Also, will my ISP know not to send the larger packets?
-----Original Message-----
From: Jeremie Le Hen [mailto:jeremie@xxxxxxxxxx]
Sent: Monday, October 23, 2006 5:48 AM
To: Raymond Wagner
Cc: freebsd-net@xxxxxxxxxxx
Subject: Re: Virtual Network Interfaces
Raymond,
On Sun, Oct 22, 2006 at 06:01:03PM +0200, Jeremie Le Hen wrote:
On Mon, Oct 16, 2006 at 02:12:47AM -0400, Raymond Wagner wrote:but
My ISP provides me up to 5 dynamically assigned addresses out of a /20
block. I have more than 5 machines on my network, so I have no choice
theirto run NAT, however I would like to force two of those machines onto
theown external addresses. If I had static addresses, I could simply alias
redirectaddresses into the external interface and then use "binat" in pf to
truethe traffic. However, the addresses have to be requested from the DHCP
server, and expire after 4 hours.
I can get this to work by running the NAT function under QEMU and just
giving the virtual machine several interfaces bridged to the physical
external interface. Running a VM is far from ideal. Is there any way I
could set up a virtual network interface that could be bridged to the
interface and grab its own DHCP address?
I don't know if that works, but I would try the following setup.
Supposing you have two physical interaces, an external one (ext0)
and an internal one (int0), I would create a VLAN on int0 for
each machine which have to have its own public address (vlan1
and vlan2) and bridge { ext0, vlan1, vlan2 }.
I thought of another way this morning in my bathroom, which is far
neater, though I've not tested it.
First use if_bridge(4) to mingle ext0 and int0, then use the MAC
addresses to let through but the machines that are supposed to have
a public IP address; the other will have to use your FreeBSD as a
default gateway.
Regards,
--
Jeremie Le Hen
< jeremie at le-hen dot org >< ttz at chchile dot org >
_______________________________________________
freebsd-net@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscribe@xxxxxxxxxxx"
- References:
- Re: Virtual Network Interfaces
- From: Jeremie Le Hen
- Re: Virtual Network Interfaces
- Prev by Date: Re: Throughput problems with dummynet and high delays
- Next by Date: Re: New em driver
- Previous by thread: Re: Virtual Network Interfaces
- Next by thread: If_bridge behaving as HUB
- Index(es):
Relevant Pages
|
