ClearFoundation

Hi Patrick,

We really should add VLAN support since the configuration/API is almost identical to Virtual IP support. So, I just scheduled that in the roadmap as "as soon as possible".

Bridged interfaces are a little more complex and will remain command line only for now. A lot of the network stack roadmap is driven by ClearBOX development. and the wireless stack (access point) is currently the main focus. Bridged interfaces are also a requirement for ClearBOXes, but the wireless stack is the higher priority.

Very glad to hear about the VLAN support. Thanks a million!

My setup is 3 x PPP connections and 1 LAN (eth3)

I have a block of public ip addresses on xxx.193.207.64/27

I have setup a virtual ip (public address) on the LAN as eth3:0 of xxx.193.207.94

I have a web server on the LAN at xxx.193.207.91, and it's gateway is set to the above

I have a PPP connection for this public block at xxx.193.193.44

I have 2 other PPP connections with a different ISP.

I'm wondering is it possible to make the virtual ip a DMZ to get around the problem I'm having with port forwarding and 1:1 NAT in a mutliwan environment.
Or could I put in a custom firewall rule to bypass the NAT for all traffic from PPP1 (xxx.193.193.44) to the xxx.193.207.64/27 subnet?
I already have 4 network cards used up and it would be preferable to not have to try and scrounge up another one.

If not I think I will probably just take the modem out of the clearos box and run it directly into the network - was just wanting to use some of that available bandwidth for load balancing is all =)

One issue with using 1:1 NAT in place of Virtual IPs:

Reduced configuration ability - specifically, netmask. My issue:

I have 5 IPv4 static addresses my ISP has provided: xxx.xxx.xxx.33 - ...37

In order for the transparent passthru to work, the way my ISP's gateway is set up, I need to be able to have any IPs configured with the netmask 255.255.248.0 for the routing to work between the statics. E.g., I need to see something like this in ifconfig:



When I create virtual IPs using the 1:1 NAT function, I get this:



With the result that the inter-ip routing on the ISP's side does not work.

There is no way in the UI (unless I'm a complete dolt) to configure the netmask.

Is there a plan to do this at all, or is it just that I'm a newbie? Or have I been smoking some good sh*t and completely missed it?

Cheers all
~Sam

You've been smoking something

Look at the third post in this topic where the settings are explained...there is a netmask setting on the last line.

Hope that works for ya =)

Andrew, I think you might have missed my point. And here, I thought I was being so clear...

I'm talking about using 1:1 NAT via the GUI vs. using /etc/sysconfig/network-scripts/ifcfg-eth0:1.

In my post, the top quote was the result of using /etc/sysconfig/network-scripts/ifcfg-eth0:1 and the lower quote was made using 1:1 NAT via the GUI.

The GUI mode of doing 1:1 NAT gives you these options:
Nickname
Interface
Public IP
Private IP
All Protocols and Ports [checkbox]
Protocol (TCP/UDP) [selector]
Port or Port Range


There's no option for netmask in the GUI, or at least, I couldn't find it.

Cheers,
~Sam

yes...yes I did....
sorry =/

No worries. Thanks for the reply, anyway.