 From:  Sean Hogan <sean at perusesoftware dot net>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Multiple subnets
 Date:  Wed, 18 Jul 2007 11:16:37 -0400
Hm... Still haven't quite figured this out. But basically, here is
what I am trying to do:

This setup is for an ISP. Basically, I am using m0n0wall to rate  
limit two customers that each have space within a building. I have a  
Soekris 4801 (3 Interfaces).

Let's call the first customer, customer A, the second B.

Our WAN interface (which connects to our wireless gear) has an
address of The two customers each have blocks of IPs.
Customer A is on the OPT1 interface and has a single /29. The other,
customer B, is connected to the LAN interface and has a /27 and a /29.
Our core router is configured to route these blocks to the private IP
of the WAN interface on the m0n0wall. The /29 for customer A and the
/27 for customer B work fine. The /29 for customer B, however, does
not work....

Basically what I am trying to do is route two different IP blocks
over the same interface. I figured I could create a VLAN within the
m0n0wall software. This would take the first available IP out of the
/27 and /29 and become the gateway. This worked to a point...  I can
ping both gateways from the Internet, other interfaces on the device,
and from the /27 block which is directly associated with the LAN
interface. However, when I give myself an address in the /29 block
(the one whose gateway is the VLAN'd interface), I cannot even hit my

So, to sum it all up... I am using ALL public IPs. I need to route
two separate blocks to one physical interface, with each block having
its own default gateway.

I'm sure this has been done before, it's just bugging me now :-)

On Jul 11, 2007, at 9:47 AM, Aaron Cherman wrote:

>> Quick question - I am routing a /29 and a /27 block of IPs to my
>> WAN interface... Is there a way to route both blocks to my OPT1
>> interface?
> I don't think you can have both to one logical interface.  I use a  
> 1:1 NAT to bring 2 blocks to my OPT but on different VLANs - you  
> just need to use up one IP in each block for the m0n0wall interface  
> address.  Then use that address as the client's gateway/DNS server/etc.
> It works quite well.
> Aaron

Sean Hogan
Network Operations Manager
Peruse Software
210 Chestnut Ave
Manchester, NH 03101
V: 603.589.4868
W3: www.perusesoftware.net