[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Nat and flow redirect

To: misc_(_at_)_openbsd_(_dot_)_org
Subject: Re: Nat and flow redirect
From: Philipp Buehler <OpenBSD_(_at_)_fips_(_dot_)_de>
Date: Wed, 31 Jul 2002 11:04:20 +0200
Mail-followup-to: misc_(_at_)_openbsd_(_dot_)_org
Reply-to: Philipp Buehler <OpenBSD_(_at_)_fips_(_dot_)_de>

On 31/07/2002, ghost <cu34_(_at_)_m1_(_dot_)_is_(_dot_)_net_(_dot_)_tw> wrote To misc_(_at_)_openbsd_(_dot_)_org:
>   I know I must use vlan to set it,
> or the MS netbios will still let the two lan can see each other.

Not really.

>   1.if the office lan and the work lan all use 192.168.1.x
>     ->office : 192.168.1.224~255
>     ->work   : 192.168.1.1~64
>     i want to let the two lan use the same openbsd box link to internet
>     but use the different ip to d the gateway, 
>     office nat ip : 192.168.1.254
>     work nat ip   : 192.168.1.1
>   2.i have two adsl,but i have no l3 switch,
>     so i use the ip "y" in adsl1 to do the nat ip -> 123.45.67.89
>     but if the flow is want to go to a ip which is in adsl2
>     (ex:124.46.68.81),
>     i can redirect it from ip "y" to ip "z" in adsl2,
>     Don't need route adsl1 -> internet -> adsl2
>     (i can set a ip "w" in adsl2 on the openbsd box -> 124.46.68.80
>     to do the nat ip for adsl2)

I must admit, that I do not really understand this weak description.
One possible setup/solution for this problem is to use 3, or better
4 NICs in the gateway.

NIC-1: ADSL1, NIC-2: ADSL2
NIC-3: 'work', NIC-4: 'office'

Use of correct netmasks on NIC3/4 and all clients there does the
trick seperating them from netbios discovery.

NIC3: 192.168.1.1 netmask 255.255.255.192
NIC4: 192.168.1.254 netmask 255.255.255.224

Traffic between those two networks will never hit the uplinks and
you can filter broadcasts there.

NAT for outgoing is still an easy task:
nat on $nic1 from 192.168.1.1/26 to any -> $nic1
nat on $nic2 from 192.168.1.224/27 to any -> $nic2

What you cannot do easily is to load balance those two uplinks, since
two default routes would make no sense for several reasons.

You can default to ADSL1, and route specific networks via ADSL2 or
you can go to the land of dynamic routing, but this has to be supported
from your ISPs.

>   If someone can help me or where I can find the information
>   to learn about that?

You lack either basic networking concepts, or your english is just to weak.
Check the OpenBSD FAQ (especially about networking) first, and
http://www.itprc.com/ has a lot of links to virtually anything about 
networking.
   
ciao
-- 
Philipp Buehler, aka fips | sysfive.com GmbH | BOfH | NUCH | <double-p> 

#1: Break the clue barrier!
#2: Already had buzzword confuseritis ?

References:
- Nat and flow redirect
  - From: ghost

Prev by Date: Re: Transprent Firewall over PPP
Next by Date: ldd & process accounting
Previous by thread: Nat and flow redirect
Next by thread: Ultra ATA 133 with OpenBSD 3.1
Index(es):
- Date
- Thread

Visit your host, monkey.org