Thomas Gielfeldt <[EMAIL PROTECTED]> wrote on 26-10-02 20:22:15:
Hi

I have now finally bridged my two networks over the internet using vtun + netgraph.


                              +--------------+     <public ip>
                              | Cisco Router |   ---------------
                              +--------------+   <172.16.0.1/16>
                                     |
                                     |
                                     |
                              +--------------+
                              |    Switch    |
                              +--------------+
                             /                \
                            /                  \
                           /                    \
                          /                      \
  <172.16.1.1/16>  +-----------+            +-----------+  <172.16.2.1/16>
 ----------------- | Gateway A |            | Gateway B | -----------------
   <10.0.1.1/16>   +-----------+            +-----------+   <10.0.2.1/16>
                         |                        |
                         |                        |
                         |                        |
    +------------------------------+    +------------------------------+
    |          Network A           |    |          Network B           |
    |                              |    |                              |
    |                              |    |                              |
    |                              |    |                              |
    |  +---------+    +---------+  |    |  +---------+    +---------+  |
    |  | Host A1 |    | Host A2 |  |    |  | Host B1 |    | Host B2 |  |
    |  +---------+    +---------+  |    |  +---------+    +---------+  |
    | <10.0.1.2/16>  <10.0.1.3/16> |    | <10.0.2.2/16>  <10.0.2.3/16> |
    +------------------------------+    +------------------------------+

The VTun creates the interface tap0 and I use the ether.bridge script (found in
/usr/share/examples/netgraph/) to bridge the tap0 interface and the LAN interface.
However, now I'm faced with a new problem.
Each net has its own DHCP-server, which causes the problem that hosts on e.g. Network
B receive an IP from the DHCP-server on Network A.
This is not actually a problem, but I would still like to make the separation of the
IP-ranges to each Network.
I was thinking of something like filtering the tap0 on IP level. Ipfilter cannot be
used though, as it thinks it receives all data from the LAN interface due to the bridge.
So you probably have to filter via netgraph?
Could somebody please help me on how to solve this? Examples will be appreciated.

Thanks in advance.

Best Regards
Thomas Gielfeldt

