[prev in list] [next in list] [prev in thread] [next in thread]
List: pfsense-support
Subject: Re: [pfSense Support] Subnets in same NIC
From: Isamar Maia <isamar () gmail ! com>
Date: 2011-08-31 10:19:14
Message-ID: CAPzHo3gaRmjd=PTCCX5P7btAM_qwZP-N8uwPkSLNyfAyik0Ffw () mail ! gmail ! com
[Download RAW message or body]
1) Define one network card. It will be your WAN.
2) Define another network card. It will be your LAN.
3) The WAN side, it will be your global IP address
4) In the LAN side, define your IP address 192.168.0.1 with netmask
255.255.0.0
5) Define DHCP service statically with all MAC Addresses, with 192.168.1.X
and 192.168.0.Y
addresses, or the dynamic range of your preference.
6) Forget the damn virtual IP/Linux workaround or "gambiarra", in good
Portuguese.
7) Pay me a beer with goat meat when I go to Natal.
2011/8/30 Ivanildo Galvão - IT Services <ivanildo@itservices.com.br>
> I do not understand, but because they create a network of 16-bit? Can
> youexplain your idea, sorry, but I'm not seeing the solution.
>
> The pfSense now has 03 virtual NICs, all on the same physical interface,
> it isvirtualized on VMware, the physical network card is a single switch.
> Type as shown below.****
>
> ** **
>
> ****
>
> ** **
>
> * *
>
> *Ivanildo Galvão - **MCP, MCT, MCSA, VSP*
>
> *Consultor de Tecnologia*
>
> Tel. (84) 3201 2146 | Cel. (84) 9111 8873****
>
> ivanildo@itservices.com.br | www.itservices.com.br ****
>
> Twitter: @ivanildogalvao ****
>
> ****
>
> ** **
>
> * *
>
> * *
>
> * *
>
> ** **
>
> *De:* Isamar Maia [mailto:isamar@gmail.com]
> *Enviada em:* terça-feira, 30 de agosto de 2011 21:59
>
> *Para:* support@pfsense.com
> *Assunto:* Re: [pfSense Support] Subnets in same NIC****
>
> ** **
>
>
> I wouldn't bet on this approach.
>
> Create a /16 network, 192.168.0.0/255.255.0.0 and live happy.
>
> Isamar
>
> ****
>
> 2011/8/30 Ivanildo Galvão - IT Services <ivanildo@itservices.com.br>****
>
> Without doubt, I agree with you. The ideal would be to create VLANs, or
> have more than one network interface and each connected to a
> network, or switch to adifferent wireless AP, but when the customer does not
> have these resources and how've used Linux before and asked to do the
> same with pfSense, I accepted to do this on your network.
>
> So the solution lay in pfSense create Virtual IP, is it? The setting
> is the firewalltab, correct? By creating a virtual IPO rager, attached
> to the LAN interface?****
>
> ****
>
> * *****
>
> *Ivanildo Galvão - **MCP, MCT, MCSA, VSP*****
>
> *Consultor de Tecnologia*****
>
> Tel. (84) 3201 2146 | Cel. (84) 9111 8873****
>
> ivanildo@itservices.com.br | www.itservices.com.br ****
>
> Twitter: @ivanildogalvao ****
>
> ****
>
> ****
>
> * *****
>
> * *****
>
> * *****
>
> ****
>
> *De:* Chris Buechler [mailto:cbuechler@gmail.com]
> *Enviada em:* terça-feira, 30 de agosto de 2011 21:44****
>
>
> *Para:* support@pfsense.com
> *Assunto:* Re: [pfSense Support] Subnets in same NIC****
>
> ****
>
> ****
>
> On Tue, Aug 30, 2011 at 8:39 PM, Ivanildo Galvão - IT Services <
> ivanildo@itservices.com.br> wrote:****
>
> Yeah, I know it works with VLAN, but wanted to implement something simpler,
> the problem is that the customer had this scenario before working with
> Proxywith Linux and pfSense he wants to have the same solution, on
> Linux it had asingle NIC which was subdivided
> into 03 virtual eth, eth each subnet representsa ranger, according to
> the MAC filter stations put Linux on their respective networks.
>
> I downloaded the version of pfSense RC3 today, here
> in VMware Workstationinstalled to see if I can find some option, but so
> far I see nothing that addressesthis need.****
>
> ****
>
> That's what IP alias virtual IPs are for. It's generally not a good
> practice to do so as having multiple subnets on a single broadcast domain is
> ugly, largely pointless, and considered poor network design, but you can.
> ****
>
> ****
>
>
>
>
> --
> Isamar Maia
> Cel. VIVO SSA: (55) 71-9146-8575
> Cel. TIM SSA: (55) 71-9185-5264
> Fixo: (55) 71-4062-8688
> 日本: +81-(0)3-4550-1212
> Skype ID: isamar.maia ****
>
--
Isamar Maia
Cel. VIVO SSA: (55) 71-9146-8575
Cel. TIM SSA: (55) 71-9185-5264
Fixo: (55) 71-4062-8688
日本: +81-(0)3-4550-1212
Skype ID: isamar.maia
[Attachment #3 (text/html)]
<br><br>1) Define one network card. It will be your WAN.<br>2) Define another network \
card. It will be your LAN.<br>3) The WAN side, it will be your global IP \
address<br>4) In the LAN side, define your IP address 192.168.0.1 with netmask \
255.255.0.0<br> 5) Define DHCP service statically with all MAC Addresses, with \
192.168.1.X and 192.168.0.Y<br>addresses, or the dynamic range of your \
preference.<br>6) Forget the damn virtual IP/Linux workaround or \
"gambiarra", in good Portuguese. <br> 7) Pay me a beer with goat meat when \
I go to Natal.<br><br><div class="gmail_quote">2011/8/30 Ivanildo Galvão - IT \
Services <span dir="ltr"><<a \
href="mailto:ivanildo@itservices.com.br">ivanildo@itservices.com.br</a>></span><br>
<blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px \
solid rgb(204, 204, 204); padding-left: 1ex;"><div link="blue" vlink="purple" \
lang="PT-BR"><div><p class="MsoNormal"><span><span style="color: rgb(51, 51, 51); \
background: none repeat scroll 0% 0% whitesmoke;" lang="EN-US">I do not \
understand</span></span><span><span style="color: rgb(51, 51, 51); background: none \
repeat scroll 0% 0% whitesmoke;" lang="EN-US">, but</span></span><span><span \
style="color: rgb(51, 51, 51); background: none repeat scroll 0% 0% whitesmoke;" \
lang="EN-US"> </span></span><span><span style="color: rgb(51, 51, 51); background: \
none repeat scroll 0% 0% whitesmoke;" lang="EN-US">because they \
create</span></span><span><span style="color: rgb(51, 51, 51); background: none \
repeat scroll 0% 0% whitesmoke;" lang="EN-US"> </span></span><span><span \
style="color: rgb(51, 51, 51); background: none repeat scroll 0% 0% whitesmoke;" \
lang="EN-US">a</span></span><span><span style="color: rgb(51, 51, 51); background: \
none repeat scroll 0% 0% whitesmoke;" lang="EN-US"> </span></span><span><span \
style="color: rgb(51, 51, 51); background: none repeat scroll 0% 0% whitesmoke;" \
lang="EN-US">network of 16</span></span><span><span style="color: rgb(51, 51, 51); \
background: none repeat scroll 0% 0% whitesmoke;" \
lang="EN-US">-bit?</span></span><span><span style="color: rgb(51, 51, 51); \
background: none repeat scroll 0% 0% whitesmoke;" lang="EN-US"> \
</span></span><span><span style="color: rgb(51, 51, 51); background: none repeat \
scroll 0% 0% whitesmoke;" lang="EN-US">Can youexplain</span></span><span><span \
style="color: rgb(51, 51, 51); background: none repeat scroll 0% 0% whitesmoke;" \
lang="EN-US"> </span></span><span><span style="color: rgb(51, 51, 51); background: \
none repeat scroll 0% 0% whitesmoke;" lang="EN-US">your idea</span></span><span><span \
style="color: rgb(51, 51, 51); background: none repeat scroll 0% 0% whitesmoke;" \
lang="EN-US">, sorry,</span></span><span><span style="color: rgb(51, 51, 51); \
background: none repeat scroll 0% 0% whitesmoke;" lang="EN-US"> \
</span></span><span><span style="color: rgb(51, 51, 51); background: none repeat \
scroll 0% 0% whitesmoke;" lang="EN-US">but I'm not</span></span><span><span \
style="color: rgb(51, 51, 51); background: none repeat scroll 0% 0% whitesmoke;" \
lang="EN-US"> </span></span><span><span style="color: rgb(51, 51, 51); background: \
none repeat scroll 0% 0% whitesmoke;" lang="EN-US">seeing</span></span><span><span \
style="color: rgb(51, 51, 51); background: none repeat scroll 0% 0% whitesmoke;" \
lang="EN-US"> </span></span><span><span style="color: rgb(51, 51, 51); background: \
none repeat scroll 0% 0% whitesmoke;" lang="EN-US">the solution.</span></span><span \
style="color: rgb(51, 51, 51); background: none repeat scroll 0% 0% whitesmoke;" \
lang="EN-US"><br> <br><span>The</span><span> </span><span>pfSense</span><span> \
</span><span>now has</span><span> </span><span>03</span><span> </span><span>virtual \
NICs</span><span>,</span><span> </span><span>all on</span><span> </span><span>the \
same physical interface</span><span>, it</span><span> </span><span>isvirtualized \
on</span><span> </span><span>VMware</span><span>, the</span><span> \
</span><span>physical network card</span><span> </span><span>is</span><span> \
</span><span>a</span><span> </span><span>single switch</span><span>.</span><span> \
</span></span><span><span style="color: rgb(51, 51, 51); background: none repeat \
scroll 0% 0% whitesmoke;">Type</span></span><span><span style="color: rgb(51, 51, \
51); background: none repeat scroll 0% 0% whitesmoke;"> </span></span><span><span \
style="color: rgb(51, 51, 51); background: none repeat scroll 0% 0% whitesmoke;">as \
shown</span></span><span><span style="color: rgb(51, 51, 51); background: none repeat \
scroll 0% 0% whitesmoke;"> </span></span><span><span style="color: rgb(51, 51, 51); \
background: none repeat scroll 0% 0% \
whitesmoke;">below.<u></u><u></u></span></span></p> <div class="im"><p \
class="MsoNormal"><span><span style="color: rgb(51, 51, 51); background: none repeat \
scroll 0% 0% whitesmoke;"><u></u> <u></u></span></span></p><p class="MsoNormal"><img \
src="" height="800" width="1280"><span style="font-size: 11pt; color: rgb(31, 73, \
125);"><u></u><u></u></span></p> <p class="MsoNormal"><span style="font-size: 11pt; \
color: rgb(31, 73, 125);"><u></u> <u></u></span></p><p class="MsoNormal"><b><span \
style="font-size: 11pt; color: rgb(31, 73, 125);"><u></u> <u></u></span></b></p><p \
class="MsoNormal"> <b><span style="font-size: 11pt; color: rgb(31, 73, \
125);">Ivanildo Galvão - </span></b><b><span style="font-size: 11pt; color: rgb(192, \
0, 0);">MCP, MCT, MCSA, VSP<u></u><u></u></span></b></p><p class="MsoNormal"><b><span \
style="font-size: 10pt; color: rgb(31, 73, 125);">Consultor de \
Tecnologia<u></u><u></u></span></b></p> <p class="MsoNormal"><span style="font-size: \
10pt; color: rgb(31, 73, 125);">Tel. <a href="tel:%2884%29%203201%202146" \
value="+558432012146" target="_blank">(84) 3201 2146</a> \
| Cel. <a href="tel:%2884%29%209111%208873" value="+558491118873" \
target="_blank">(84) 9111 8873</a></span><span style="font-size: 10pt; color: rgb(31, \
73, 125);"><u></u><u></u></span></p> <p class="MsoNormal"><span style="font-size: \
10pt; color: rgb(31, 73, 125);"><a href="mailto:ivanildo@itservices.com.br" \
target="_blank"><span style="color: blue;">ivanildo@itservices.com.br</span></a> \
| <a href="http://www.itservices.com.br/" target="_blank"><span style="color: \
blue;">www.itservices.com.br</span></a> <u></u><u></u></span></p> <p \
class="MsoNormal"><span style="font-size: 10pt; color: rgb(31, 73, \
125);">Twitter</span><span style="font-size: 10pt; color: rgb(152, 72, \
6);">:</span><span style="font-size: 10pt; color: rgb(31, 73, 125);"> @ivanildogalvao \
<u></u><u></u></span></p> <p class="MsoNormal"><span style="font-size: 11pt; color: \
rgb(31, 73, 125);"><img src="" height="76" width="160" border="0"> </span><span \
style="font-size: 10pt; color: rgb(31, 73, 125);"><u></u><u></u></span></p><p \
class="MsoNormal"> <span style="font-size: 10pt; color: rgb(31, 73, 125);"><u></u> \
<u></u></span></p><p class="MsoNormal"><b><span style="font-size: 10pt; color: \
rgb(31, 73, 125);"><u></u> <u></u></span></b></p><p class="MsoNormal"><b><span \
style="font-size: 10pt; color: rgb(31, 73, 125);"><u></u> <u></u></span></b></p> <p \
class="MsoNormal"><b><span style="font-size: 10pt; color: rgb(31, 73, 125);"><u></u> \
<u></u></span></b></p><p class="MsoNormal"><span style="font-size: 11pt; color: \
rgb(31, 73, 125);"><u></u> <u></u></span></p></div><p class="MsoNormal"> <b><span \
style="font-size: 10pt;">De:</span></b><span style="font-size: 10pt;"> Isamar Maia \
[mailto:<a href="mailto:isamar@gmail.com" target="_blank">isamar@gmail.com</a>] \
<br><b>Enviada em:</b> terça-feira, 30 de agosto de 2011 21:59<div> <div></div><div \
class="h5"><br><b>Para:</b> <a href="mailto:support@pfsense.com" \
target="_blank">support@pfsense.com</a><br><b>Assunto:</b> Re: [pfSense Support] \
Subnets in same NIC<u></u><u></u></div></div></span></p><div> <div></div><div \
class="h5"><p class="MsoNormal"><u></u> <u></u></p><p class="MsoNormal" \
style="margin-bottom: 12pt;"><br>I wouldn't bet on this approach.<br><br>Create a \
/16 network, <a href="http://192.168.0.0/255.255.0.0" \
target="_blank">192.168.0.0/255.255.0.0</a> and live happy.<br> \
<br>Isamar<br><br><u></u><u></u></p><div><p class="MsoNormal">2011/8/30 Ivanildo \
Galvão - IT Services <<a href="mailto:ivanildo@itservices.com.br" \
target="_blank">ivanildo@itservices.com.br</a>><u></u><u></u></p><div> <div><p \
class="MsoNormal"><span style="color: rgb(51, 51, 51); background: none repeat scroll \
0% 0% whitesmoke;" lang="EN-US">Without doubt, I agree with you. The ideal would \
be to create VLANs, or have more than one network interface and each connected \
to a network, or switch to adifferent wireless AP, but when the customer does \
not have these resources and how've used Linux before and asked to do the \
same with pfSense, I accepted to do this on your network.<br> <br>So the \
solution lay in pfSense create Virtual IP, is it? The setting is the \
firewalltab, correct? By creating a virtual IPO rager, attached to the LAN \
interface?</span><u></u><u></u></p><div><p class="MsoNormal"><span style="font-size: \
11pt; color: rgb(31, 73, 125);" lang="EN-US"> </span><u></u><u></u></p> <p \
class="MsoNormal"><b><span style="font-size: 11pt; color: rgb(31, 73, 125);" \
lang="EN-US"> </span></b><u></u><u></u></p><p class="MsoNormal"><b><span \
style="font-size: 11pt; color: rgb(31, 73, 125);">Ivanildo Galvão - \
</span></b><b><span style="font-size: 11pt; color: rgb(192, 0, 0);">MCP, MCT, MCSA, \
VSP</span></b><u></u><u></u></p> <p class="MsoNormal"><b><span style="font-size: \
10pt; color: rgb(31, 73, 125);">Consultor de \
Tecnologia</span></b><u></u><u></u></p><p class="MsoNormal"><span style="font-size: \
10pt; color: rgb(31, 73, 125);">Tel. <a href="tel:%2884%29%203201%202146" \
target="_blank">(84) 3201 2146</a> | Cel. <a \
href="tel:%2884%29%209111%208873" target="_blank">(84) 9111 \
8873</a></span><u></u><u></u></p> <p class="MsoNormal"><span style="font-size: 10pt; \
color: rgb(31, 73, 125);"><a href="mailto:ivanildo@itservices.com.br" \
target="_blank">ivanildo@itservices.com.br</a> | <a \
href="http://www.itservices.com.br/" target="_blank">www.itservices.com.br</a> \
</span><u></u><u></u></p> <p class="MsoNormal"><span style="font-size: 10pt; color: \
rgb(31, 73, 125);">Twitter</span><span style="font-size: 10pt; color: rgb(152, 72, \
6);">:</span><span style="font-size: 10pt; color: rgb(31, 73, 125);"> @ivanildogalvao \
</span><u></u><u></u></p> <p class="MsoNormal"><span style="font-size: 11pt; color: \
rgb(31, 73, 125);"> </span><u></u><u></u></p><p class="MsoNormal"><span \
style="font-size: 10pt; color: rgb(31, 73, 125);"> </span><u></u><u></u></p><p \
class="MsoNormal"> <b><span style="font-size: 10pt; color: rgb(31, 73, 125);"> \
</span></b><u></u><u></u></p><p class="MsoNormal"><b><span style="font-size: 10pt; \
color: rgb(31, 73, 125);"> </span></b><u></u><u></u></p><p \
class="MsoNormal"><b><span style="font-size: 10pt; color: rgb(31, 73, 125);"> \
</span></b><u></u><u></u></p> <p class="MsoNormal"><span style="font-size: 11pt; \
color: rgb(31, 73, 125);"> </span><u></u><u></u></p></div><p \
class="MsoNormal"><b><span style="font-size: 10pt;">De:</span></b><span \
style="font-size: 10pt;"> Chris Buechler [mailto:<a href="mailto:cbuechler@gmail.com" \
target="_blank">cbuechler@gmail.com</a>] <br> <b>Enviada em:</b> terça-feira, 30 de \
agosto de 2011 21:44<u></u><u></u></span></p><div><p class="MsoNormal"><span \
style="font-size: 10pt;"><br><b>Para:</b> <a href="mailto:support@pfsense.com" \
target="_blank">support@pfsense.com</a><br> <b>Assunto:</b> Re: [pfSense Support] \
Subnets in same NIC<u></u><u></u></span></p></div><p class="MsoNormal"> \
<u></u><u></u></p><p class="MsoNormal" style="margin-bottom: 12pt;"> \
<u></u><u></u></p><div><p class="MsoNormal"> On Tue, Aug 30, 2011 at 8:39 PM, \
Ivanildo Galvão - IT Services <<a href="mailto:ivanildo@itservices.com.br" \
target="_blank">ivanildo@itservices.com.br</a>> \
wrote:<u></u><u></u></p><div><div><div><div><p class="MsoNormal"> <span style="color: \
rgb(51, 51, 51); background: none repeat scroll 0% 0% whitesmoke;" lang="EN-US">Yeah, \
I know it works with VLAN, but wanted to implement something simpler, the \
problem is that the customer had this scenario before working with Proxywith \
Linux and pfSense he wants to have the same solution, on Linux it had asingle \
NIC which was subdivided into 03 virtual eth, eth each subnet representsa \
ranger, according to the MAC filter stations put Linux on their respective \
networks.<br> <br>I downloaded the version of pfSense RC3 today, here in VMware \
Workstationinstalled to see if I can find some option, but so far I see nothing \
that addressesthis need.</span><u></u><u></u></p></div></div><div><p \
class="MsoNormal"> <u></u><u></u></p></div><div><p class="MsoNormal">That's what \
IP alias virtual IPs are for. It's generally not a good practice to do so as \
having multiple subnets on a single broadcast domain is ugly, largely pointless, and \
considered poor network design, but you can. <u></u><u></u></p> </div><div><p \
class="MsoNormal"> <u></u><u></u></p></div></div></div></div></div></div></div><p \
class="MsoNormal"><br><br clear="all"><br>-- <br>Isamar Maia<br>Cel. VIVO SSA: <a \
href="tel:%2855%29%2071-9146-8575" value="+557191468575" target="_blank">(55) \
71-9146-8575</a><br> Cel. TIM SSA: <a href="tel:%2855%29%2071-9185-5264" \
value="+557191855264" target="_blank">(55) 71-9185-5264</a><br>Fixo: <a \
href="tel:%2855%29%2071-4062-8688" value="+557140628688" target="_blank">(55) \
71-4062-8688</a><br> <span style="font-family: "MS Gothic";">日本</span>: \
<a href="tel:%2B81-%280%293-4550-1212" value="+81345501212" \
target="_blank">+81-(0)3-4550-1212</a><br>Skype ID: isamar.maia \
<u></u><u></u></p></div></div> </div></div></blockquote></div><br><br \
clear="all"><br>-- <br>Isamar Maia<br>Cel. VIVO SSA: (55) 71-9146-8575<br>Cel. TIM \
SSA: (55) 71-9185-5264<br>Fixo: (55) 71-4062-8688<br>日本: \
+81-(0)3-4550-1212<br>Skype ID: isamar.maia <br>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic