24th November 2009
ai-danno
Spam Deminer
 
Join Date: May 2008
Location: Boca Raton, Florida
Posts: 284
Lots of birds, and one stone won't kill them all

Welcome! It's been a while for me on this forum but I got the message and love helping with networking noobs interested in OBSD... so here goes.

Attached is the diagram you submitted with my changes. Let's review some changes and other points here-
  • trendnet should bridge, not route
    Introducing multiple routed hops in a small lan should be avoided, and the wireless switch should be used for just that- wireless switching. Allow the OBSD box to be the router for the network. Later down the road this will lay the foundation for further securing your wireless internet access in your LAN (let's call that chapter 2).
  • The wireless switch can still maintain its addressing...
    So that it can have a placeholder address for management purposes, but that will need to change from the 192.168.10.0/24 it's currently showing as being assigned to in your original diagram to the 192.168.0.0/24 network that the desktops and the OBSDbox belong to.
  • default gateway for desktops should be 192.168.0.120
    This is your rl0 interface that directly attaches to the Trendnet wireless switch (I know, it's a router, but we are just going to use it as a wireless switch between your desktop and your OBSDbox).
  • obsd box should nat between the 192.168.0.0/24 and 10.0.0.0/24
    This will require not only a bit of learning/work in pf (which we can assist in, of course) but will also require turning on forwarding in the OBSDbox (# sysctl net.inet.ip.forwarding=1 or permanently edit /etc/sysctl.conf)
  • cradlepoint will of course nat between public and 10.0.0.0/24
    The way you had the whole network using the 192.168.0.0/24 made it a flat network, but we want a routed breakpoint in the network to allow for NAT. That means the cradlepoint will need to speak to the OBSDbox on a different private network than the OBSDbox uses to talk to the desktops across the wireless switch.
  • don't worry about dhcp for now,
    but there are some really good reasons to use it in your network

I'm sure I've left something out, but this should get you started. Remember to reference the diagram I attached back with the changes.

Code:
desktop1                     laptop1
192.168.0.201              192.168.0.202
      |                     |
      |_192.168.0.2_________|
            |
            |
        TRENDnet (wireless router)- USE AS A BRIDGE ONLY, NOT AS A ROUTER.
        192.168.0.1
            |
            |
  +-----rl0   192.168.0.120-----+ (ip i assigned)
  |                             |
  |           openbsdbox        |
  |                             |
  +-----dc0   10.0.0.110------+
            |
            |
        cradlepoint (mobile broadband to ethernet converter)
        10.0.0.1
            |
            |
         internet


The default gateway of your desktops should be 192.168.0.120
The TRENDnet should bridge, not route, packets from desktop to obsdbox
Obsdbox should nat between the two private networks (192.168.0.0/24 and
10.0.0.0/24) unless the cradlepoint will have routing intelligence back
to the 192.168.0.0/24 network.
Attached Files
File Type: txt dannodiagram.txt (932 Bytes, 74 views)
__________________
Network Firefighter

Last edited by J65nko; 25th November 2009 at 12:04 AM. Reason: Added diagram inline ;) Come on boys, where does this diagram attachment disease come from?
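The NAT and forwarding setup described in the post above could look like the following on the OBSD box. This is an added example, not part of ai-danno's post; the interface names and addresses come from the diagram, while the default-deny policy, the macro names and the `nat-to` syntax (OpenBSD 4.7 and later) are assumptions.

```conf
# /etc/sysctl.conf -- make forwarding permanent (setting named in the post)
#   net.inet.ip.forwarding=1

# /etc/pf.conf -- added example ruleset, not from the original post
int_if  = "rl0"              # 192.168.0.120, faces the TRENDnet bridge
ext_if  = "dc0"              # 10.0.0.110, faces the cradlepoint (10.0.0.1)
lan_net = "192.168.0.0/24"   # desktops, laptop, TRENDnet management address

set skip on lo

# Assumed policy: drop and log anything not explicitly passed below.
block log all

# Reject packets claiming a LAN source address on the wrong interface.
antispoof quick for $int_if

# Rewrite LAN sources to the dc0 address so the cradlepoint only ever
# sees 10.0.0.0/24 and needs no route back to 192.168.0.0/24.
# On releases before 4.7 the equivalent rule was:
#   nat on $ext_if from $lan_net to any -> ($ext_if)
match out on $ext_if inet from $lan_net to any nat-to ($ext_if)

# LAN hosts may open connections through (or to) the OBSD box;
# state entries let the replies back in.
pass in on $int_if inet from $lan_net to any

# Translated LAN traffic and the box's own traffic may leave via dc0.
pass out on $ext_if inet

# Nothing passes "in on $ext_if": connections initiated from the
# cradlepoint side stay blocked by the default rule.

# Check and load (run as root):
#   pfctl -nf /etc/pf.conf          # parse only, report syntax errors
#   pfctl -f  /etc/pf.conf          # load the ruleset
#   pfctl -s rules                  # confirm rules, including nat-to
#   sysctl net.inet.ip.forwarding   # should report 1
```

With this loaded, a desktop using 192.168.0.120 as its default gateway should reach the internet, and `pfctl -s states` on the OBSD box should show its connections translated to 10.0.0.110.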