In further answer to your original question --- here is an ASCII "graphic" of two local networks: There is a single "gateway" router to the Internet, which may be ISP-provided, and there is a second router between the two networks, which might be your OpenBSD platform.
Code:
{Internet} - [Router A] - {Outer Network} - [Router B] - {Inner Network} - [Workstation]
Consider:
- Router B has two NICs, which are on two different subnets.
- Devices on the Inner Network, such as the Workstation, need only know about their local subnet through their assigned IP address and netmask, and have a default route to all other addresses through Router B.
- Devices on the Outer Network, which are not shown, have two entries in their routing tables: a route to devices on the Inner Network through Router B, and a default route to all other addresses through Router A.
- Router B has two subnets provisioned on two NICs. It needs a default route to all other addresses through Router A.
- Router A has a NIC on the Outer Network, and has a default route through the ISP to the Internet. It needs a route added to its routing tables to reach the Inner Network through Router B.
A "Router on a Stick" in this environment could reduce the number of NICs required by Router B to a single physical NIC; it would require a managed switch with a minimum of 3 ports provisioned:
- A port provisioned to connect to the Outer Network.
- A port provisioned to connect to the Inner Network.
- A port connecting to Router B, provisioned with both the Inner and Outer Networks as VLANs.
The ports connecting to the Inner Network and Outer Network could be point-to-point with the Workstation or Router A, if there were no other devices on these networks. Otherwise, they should be connected through Ethernet switches to multiple devices on the respective networks.