OpenBSD arp proxy
Dear All,
I have a problem configuring routing. Here is how my setup looks:
Internet - - - ADSL modem (bridge mode) - - - OpenBSD BOX - - - - - - - Switch
- - - - - - - Server 1
IPOA: 196.218.x.97 vr1: 196.218.x.98
| bge0: 196.218.x.100
|
|
|
Server 2
eth0: 196.218.x.101
The idea is to give public IPs to servers behind OpenBSD firewall. I don't want
to assagin IP addresses to OpenBSD BOX and use binat. I want to servers have IP
assigned to their interfaces so I can
reach them directly from internet.
Someone told me that I have to use arp proxy. As I know OpenBSD has builtin arp
proxy using userland arp utillity.
When I added arp -s 196.218.x.100 mac_address_of_server1 perm pub . I still
couldn't reach 196.218.x.100 .
Ofcoure I will have to add: no nat on $ext_if from { 10.0.0.3, 10.0.0.7 } to
any .
Thank you in advance,
Dominik
Re: OpenBSD arp proxy
2007/6/9, Dominik Zalewski [EMAIL PROTECTED]: Dear All, I have a problem configuring routing. Here is how my setup looks: Internet - - - ADSL modem (bridge mode) - - - OpenBSD BOX - - - - - - - Switch - - - - - - - Server 1 IPOA: 196.218.x.97 vr1: 196.218.x.98 | bge0: 196.218.x.100 | | | Server 2 eth0: 196.218.x.101 In such setup, you should configure obsd box as a (address-less) bridge, something like this: [(16:58):[EMAIL PROTECTED]:~ ] cat /etc/bridgename.bridge0 add fxp0 add xl0 blocknonip fxp0 blocknonip xl0 up [(16:59):[EMAIL PROTECTED]:~ ] cat /etc/hostname.xl0 up [(16:59):[EMAIL PROTECTED]:~ ] cat /etc/hostname.fxp0 up or if you WANT to assign IP-address to obsd box: [(16:59):[EMAIL PROTECTED]:~ ] cat /etc/hostname.fxp0 inet 196.218.x.98 255.255.255.248 NONE I hope you get the idea
Re: OpenBSD arp proxy
On Saturday 09 June 2007 04:04:13 pm Anton Karpov wrote: 2007/6/9, Dominik Zalewski [EMAIL PROTECTED]: Dear All, I have a problem configuring routing. Here is how my setup looks: Internet - - - ADSL modem (bridge mode) - - - OpenBSD BOX - - - - - - - Switch - - - - - - - Server 1 IPOA: 196.218.x.97 vr1: 196.218.x.98 | bge0: 196.218.x.100 Server 2 eth0: 196.218.x.101 In such setup, you should configure obsd box as a (address-less) bridge, something like this: [(16:58):[EMAIL PROTECTED]:~ ] cat /etc/bridgename.bridge0 add fxp0 add xl0 blocknonip fxp0 blocknonip xl0 up [(16:59):[EMAIL PROTECTED]:~ ] cat /etc/hostname.xl0 up [(16:59):[EMAIL PROTECTED]:~ ] cat /etc/hostname.fxp0 up or if you WANT to assign IP-address to obsd box: [(16:59):[EMAIL PROTECTED]:~ ] cat /etc/hostname.fxp0 inet 196.218.x.98 255.255.255.248 NONE I hope you get the idea It works:) Thank man:) Dominik
