Bridging & Routing Public IPs.



  • Hi,

    My UK ISP BeThere allocates me 8 IPs, 6 of which are usable. They require that I connect to them via PPPoE, and they don't require any authentication. Currently I have the following setup:

    Router/Modem/Firewall = Netgear DGFV338
    87.xxx.xxx.169 Start of subnet, not available
    87.xxx.xxx.170 WAN IP of DGFV338
    87.xxx.xxx.171 LAN IP of DGFV338
    87.xxx.xxx.172 {Available}
    87.xxx.xxx.173 {Available}
    87.xxx.xxx.174 {Mail/WWW Server}
    87.xxx.xxx.175 {Mail/WWW Server}
    87.xxx.xxx.176 End of subnet, not available

    I want to put pfSense into the mix. I'm thinking I'll need to do this:

    Modem = Netgear DG834
    87.xxx.xxx.169 Start of subnet, not available
    87.xxx.xxx.170 WAN IP of DG834
    87.xxx.xxx.171 LAN IP of DG834
    87.xxx.xxx.172 WAN IP of pfSense
    87.xxx.xxx.173 LAN IP of pfSense
    87.xxx.xxx.174 {Mail/WWW Server}
    87.xxx.xxx.175 {Mail/WWW Server}
    87.xxx.xxx.176 End of subnet, not available

    Using the above setup will require a lot of IPs. I'm wondering if there is some way to bond the DG834 & pfSense together using bridging, so that I don't require 4x IPs just for the networking infrastructure.

    I've tried in the past to bridge the DG834/pfSense and I wasn't successful, as pfSense requires I enter a username / password, and I've been a bit confused about how I bridge my pfSense to the DG834, which then bridges with my ISP.

    Could you please advise.

    Regards,
    Thomas.



  • Usually you put the modem in bridge mode. Don't know if your Netgear can do this, though.



  • The DG834[GT|N] (and also the Bebox) doesn't use an external IP when in bridge mode. Go to the /mode.htm page to enable modem-only mode. I recommend the UberGT (<- what I use) or DGTeam firmware for use on Be*.

    Be* doesn't use proper subnets, I think they're always /22. All the IPs you've been given will be usable. All your PCs with public IPs will have the same default gateway (normally ends in .1).

    The pfSense box doesn't need any external IPs unless it'll be doing NAT (in which case, just one on WAN) or you want it to be able to access the 'net for timesyncs etc. I just set it up as a transparent bridge. I've used it as such on my Be* connection before, and also with m0n0wall. I currently use m0n0 to do the shaping+filtering on an Alix 2C3, and pfSense on a Wrap 1E to do NAT.

    Ignore anything mentioning "PPP" for Be*. "…require that I connect to them via PPPoE" is wrong - it's RFC 1483 Ethernet over ATM - there's no PPP involved anywhere.



  • Hi,

    So I place my DG834 (not wireless) into modem-only mode via the /mode.htm option. Set the VPI: 0, VCI: 101 & set it to LLC.

    I tell pfSense that the WAN interface is to obtain details via PPPoE? I don't see an option inside of pfSense for Ethernet over ATM. And then I need to set it to make a transparent bridge between WAN/LAN?

    I am only using public IPs, and won't require the NAT system.



  • I've fixed this now. My pfSense box is bridging with my DG834. I've assigned a public IP to the WAN NIC card & the LAN NIC card. All my points point their gateway to the LAN NIC card, which is then bridged to the WAN NIC. Everything appears to be OK.

