[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Yet another routing question

To: helmet@helmetsoft.com
Subject: Re: Yet another routing question
From: Pedro la Peu <pedro@ironchicken.am-gen.org>
Date: Sun, 3 Feb 2002 19:21:36 +0000 (GMT)
Cc: misc@openbsd.org

On Sun, 3 Feb 2002 helmet@helmetsoft.com wrote:

Maybe the easiest way to do this is to have two firewalls, one for the
ADSL & servers, the other for the cable and internal net. Add a third
nic to each firewall and connect them together.

This way you have easy, predictable static routing from everwhere to
everywhere though it requires slightly more complex PF rules. Each
firewall will only need a default route plus a route to each internal
net. Internal and external hosts shouldn't need any routing changes.

That may be more complexity than you want, but it's cheaper than a Cisco
and doesn't require any dynamic routing. Ideal for xDSL and cable.

In addition, should your cable service become unavailable, you could route
the internal clients out through ADSL for the duration of the outage. Of
course, this won't work the same for your servers if the ADSL fails. (At
least, not without three-way dynamic routing between you, your cable and
ADSL providers, which is, at best, most unlikely).

-pedro

References:
- Yet another routing question
  - From: <helmet@helmetsoft.com>

Prev by Date: Re: Sparc console problem
Next by Date: Re: fork()
Prev by thread: Yet another routing question
Next by thread: Sparc console problem
Index(es):
- Date
- Thread