Feasibility: "Load Balance Outgoing Traffic" with 2 NICs only
Hello everybody,

First please bear in mind I'm quite a beginner at networking, routing and firewalling, so I probably have lots of naive misconceptions about stuff.

Here's the problem: At work we have a small 192.168.0.x LAN with several mainstream ADSL routers 192.168.0.253,254,255. Every PC on the network picks a gateway randomly, and it is quite a suboptimal mess. So I was researching about pf to see if I could create a custom gateway that would use all these ADSL routers and dispatch connections automagically.

I found "Load Balance Outgoing Traffic" at the pf FAQ. The example seems to need one network card per external gateway (ext_gw1 and ext_gw2). Is it because the gateways are not on the same network? Or is it something more complicated? I infer if there were n external gateways with this technique, the pf machine would need n+1 network adapters.

Bottom line: Is it possible to adapt such a setup with only two network cards if the ADSL routers are on the same network?

Thanks in advance for considering my question. If you have good online tutorials about stuff you think I didn't understand, I'm all open!

Cheers,
Bertrand
|
|||
Quote:
While physically creating a router with n + 1 interfaces to connect n subnets to the Internet is possible, it is no longer the only option. You can accomplish the same topology with only two interfaces, but it requires more sophisticated configuration at the router & switch(es) as you will be configuring VLANs (virtual LANs).

Limiting the router to two interfaces is also referred to as a "router-on-a-stick" configuration. Googling for the term will give a place to begin. Wikipedia's entry on the subject: http://en.wikipedia.org/wiki/Router_on_a_stick ...is a bit sparse, but it is a start.

As for where to find what is necessary on the FreeBSD side, studying the ifconfig(8) manpage will be required. Studying vlan(4) may help as well.

But I should repeat: if your switch(es) do not support VLANs, you will be limited to creating a router with n + 1 interfaces; however, most enterprise switches anymore support multiple VLANs. Even some home switches (not hubs...) do as well.
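An added sketch of the router-on-a-stick setup described in the reply above, combined with the pf FAQ's round-robin rule; it is not part of the original thread. It assumes two ADSL routers moved onto their own VLANs; the NIC names (em0, em1), VLAN IDs (101, 102) and 10.0.x.x addresses are constructed, and the switch port facing em1 must carry both VLANs tagged.

```conf
# ---- /etc/rc.conf (FreeBSD): em0 = LAN side, em1 = 802.1Q trunk to the switch ----
gateway_enable="YES"                     # forward packets between interfaces
pf_enable="YES"
ifconfig_em0="inet 192.168.0.1/24"       # the LAN's single default gateway (constructed)
ifconfig_em1="up"                        # parent interface carries tagged frames only
vlans_em1="101 102"                      # creates em1.101 and em1.102
ifconfig_em1_101="inet 10.0.101.2/24"    # VLAN 101: ADSL router A at 10.0.101.1
ifconfig_em1_102="inet 10.0.102.2/24"    # VLAN 102: ADSL router B at 10.0.102.1

# ---- /etc/pf.conf: macro names follow the pf FAQ example ----
lan_net = "192.168.0.0/24"
int_if  = "em0"
ext_if1 = "em1.101"
ext_if2 = "em1.102"
ext_gw1 = "10.0.101.1"
ext_gw2 = "10.0.102.1"

# NAT outgoing connections on each VLAN interface
nat on $ext_if1 from $lan_net to any -> ($ext_if1)
nat on $ext_if2 from $lan_net to any -> ($ext_if2)

# default deny
block in
block out

# traffic back to the LAN, and traffic addressed to the gateway itself
pass out on $int_if from any to $lan_net
pass in quick on $int_if from $lan_net to $int_if

# spread new LAN connections across both ADSL routers
pass in on $int_if route-to \
    { ($ext_if1 $ext_gw1), ($ext_if2 $ext_gw2) } round-robin \
    from $lan_net to any keep state

# let the balanced traffic leave on either VLAN
pass out on $ext_if1 from any to any keep state
pass out on $ext_if2 from any to any keep state

# keep packets sourced from one VLAN address from leaving via the other router
pass out on $ext_if1 route-to ($ext_if2 $ext_gw2) from $ext_if2 to any
pass out on $ext_if2 route-to ($ext_if1 $ext_gw1) from $ext_if1 to any
```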
|
|||
Thanks a lot for the references and the jargon, ocicat, I'm gonna study those.
|
|
|||
Check out ZeroShell,

I had a similar problem and I solved it all with it. It's free, it runs on any old machine that you have lying around with two NICs. zeroshell dot net (I can't post urls because I'm new on the board...)

Cheers,
Orallo.