Unix administration - Pseudo Bridge


Author Pseudo Bridge
Fravo

2007-11-27, 1:30 pm

Hi all... I have a problem here.
I need to put a firewall that does packet limiting per second without
changing my network topology and my machines' configuration... I
thought of building a simple bridge, but a bridge can't control
packets this way... So someone told me to do a Pseudo Bridge, but I'm
having some trouble. Here's my network

A B
C D E
----------Gateways------------BandwithControl----------Routers---------
Clients

A = 208.48.246.0/24
B = 10.1.1.1, 10.1.1.2 or 10.1.1.3
C = 10.1.1.20 (bridge)
D = 10.1.20.0/16
E = 10.2.0.0/16

So, the WAN interfaces of the routers have as default gateway 10.1.1.1,
10.1.1.2 or 10.1.1.3, passing through my bandwidth controller. This works
fine!

But I need to rate the packets that come from the LAN side of the
routers before they pass through the bandwidth control, so I'm thinking of
building some Linux box that does this with pseudo-bridging... It goes
something like

A B
C X
Y D E
----------Gateways------------BandwithControl----------PSEUDO-
BRIDGE--------------Routers---------Clients

But I don't know which IPs to put on interfaces X and Y.

If I configure X = 10.1.1.120 and Y = 10.1.1.121, do I need to add
routes in my pseudo-bridge? If the bridge default route is 10.1.1.1,
would all packets that come from the Y interface be redirected to
10.1.1.1? I don't want this...

I need to do something that does not change any configuration or change
much in this topology.

I think I was a bit confusing haha but it was the best way I found to
explain my problem...

Thank you all!

Fravo

2007-11-27, 1:30 pm

XXXXin hell, what a mess! Let me see if I can fix those diagrams.

Hi all... I have a problem here.
I need to put a firewall that does packet limiting per second without
changing my network topology and my machines' configuration... I
thought of building a simple bridge, but a bridge can't control
packets this way... So someone told me to do a Pseudo Bridge, but I'm
having some trouble. Here's my network

A B C D E
---Gateways---BandwidthControl--Routers--Clients

A = 208.48.246.0/24
B = 10.1.1.1, 10.1.1.2 or 10.1.1.3
C = 10.1.1.20 (bridge)
D = 10.1.20.0/16
E = 10.2.0.0/16

So, the WAN interfaces of the routers have as default gateway
10.1.1.1,
10.1.1.2 or 10.1.1.3, passing through my bandwidth controller. This works
fine!
But I need to rate the packets that come from the LAN side of the
routers before they pass through the bandwidth control, so I'm thinking of
building some Linux box that does this with pseudo-bridging... It goes
something like

A B C
X Y D E
--Gateways----BandwidthControl--PSEUDO-BRIDGE---Routers-Clients

But I don't know which IPs to put on interfaces X and Y.
If I configure X = 10.1.1.120 and Y = 10.1.1.121, do I need to add
routes in my pseudo-bridge? If the bridge default route is 10.1.1.1,
would all packets that come from the Y interface be redirected to
10.1.1.1? I don't want this...
I need to do something that does not change any configuration or change
much in this topology.
I think I was a bit confusing haha but it was the best way I found to
explain my problem...
Thank you all!
Fravo

2007-11-27, 1:30 pm

damn...
The pseudo-bridge's left interface is X and the right interface is Y


