Re: [pfSense Support] Public IP's behind Public IP's

2010-02-03 Thread Chris Flugstad 

Remko Lodder wrote:

On Wed, February 3, 2010 1:45 am, Chris Flugstad wrote:
  

So I am configuring a pfsense router with public IP's on the lan.  Some
of those public ips are also routers(some pfsense some not) and have
blocks of ip's of there own on the LAN.  What do i need to do on the
main(1st) router to make sure the blocks on the next routers are routed
correctly?

I started to make a flow chart and was even confused bout that ;)  If
you understand what I am asking, then great.  Much help would be
appreciated.

-chris





Well, if you have a cloud (the internet) incoming on the PFsense box it
works something like this:


[internet] -- [pfsense box external range] -- [internal public ip range]
  \--- [internal public ip range]

Etc.

To get that working properly, you will need to add your communication
network on the external network, and setup a connectivity lan on your
internal network. If you have 254 machines in that, you could take an /24,
and they could be private IP's for what that's worth (depending on the
needs).

Next: you need to setup routes to the internal gateways for the
appropriate networks.

Imagine your internal connectivity lan is: 10.0.1.0/24, your external
PFsense box is .1, router_2 is .2, router_3 is .3 , yadayada.

Router_2 contains the external entwork 192.168.1.0/24 and router_3
contains the external network 192.168.2.0/24.

On the external PFsense box you need to add two gateways, with the IP
addresses 10.0.1.2 and 10.0.1.3.

Next you need to add the routes:

192.168.1.0/24 points to router_2 (10.0.1.2)
192.168.2.0/24 points to router_3 (10.0.1.3)

Add more networks as you prefer, and create more gateways where needed.

Does this help to get it going?

Cheers,
remko

  


Remko

let me draw out what i am trying to do

  | router with public 
ip(207.246.152.1) -   public ip's on teh lan 216.127.61.1/29

provider 1-\
pfsense|--- | router with public 
ip(207.246.154.2) - public ip's on the lan 216.127.61.63/29

provider 2 -/
  | router with public 
ip(207.246.154.3) - public ip's on the lan 216.127.61.129/29





so how does doe the pfsense router at the beginning know that teh LAST 
ip blocks(ex. 216.127.61.1/29) is behind  207.246.152.1?


ill be trying use bgp to use both providers with the same ip's.  i do 
have an AS # and supposedly both providers have done what they needed.  
Currently provider 1 is our provider and all the IP's belong to them. 
they supply all the routing for us, untill tomorrow ;) when i will try 
to route with pfsense


i hope this helps

-chris

-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com

Commercial support available - https://portal.pfsense.org

RE: [pfSense Support] Public IP's behind Public IP's

2010-02-03 Thread Nathan Eisenberg 
Chris,

Your diagram came through a bit mangled, at least for me.  Time to bust out 
MSPAINT.



-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com

Commercial support available - https://portal.pfsense.org

Re: [pfSense Support] Public IP's behind Public IP's

2010-02-02 Thread Remko Lodder 

On Wed, February 3, 2010 1:45 am, Chris Flugstad wrote:
 So I am configuring a pfsense router with public IP's on the lan.  Some
 of those public ips are also routers(some pfsense some not) and have
 blocks of ip's of there own on the LAN.  What do i need to do on the
 main(1st) router to make sure the blocks on the next routers are routed
 correctly?

 I started to make a flow chart and was even confused bout that ;)  If
 you understand what I am asking, then great.  Much help would be
 appreciated.

 -chris



Well, if you have a cloud (the internet) incoming on the PFsense box it
works something like this:


[internet] -- [pfsense box external range] -- [internal public ip range]
  \--- [internal public ip range]

Etc.

To get that working properly, you will need to add your communication
network on the external network, and setup a connectivity lan on your
internal network. If you have 254 machines in that, you could take an /24,
and they could be private IP's for what that's worth (depending on the
needs).

Next: you need to setup routes to the internal gateways for the
appropriate networks.

Imagine your internal connectivity lan is: 10.0.1.0/24, your external
PFsense box is .1, router_2 is .2, router_3 is .3 , yadayada.

Router_2 contains the external entwork 192.168.1.0/24 and router_3
contains the external network 192.168.2.0/24.

On the external PFsense box you need to add two gateways, with the IP
addresses 10.0.1.2 and 10.0.1.3.

Next you need to add the routes:

192.168.1.0/24 points to router_2 (10.0.1.2)
192.168.2.0/24 points to router_3 (10.0.1.3)

Add more networks as you prefer, and create more gateways where needed.

Does this help to get it going?

Cheers,
remko

-- 
/\   Best regards,  | re...@freebsd.org
\ /   Remko Lodder   | re...@efnet
 Xhttp://www.evilcoder.org/  |
/ \   ASCII Ribbon Campaign  | Against HTML Mail and News


-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com

Commercial support available - https://portal.pfsense.org