On Fri, 5 Apr 2002, Alex Rousskov wrote:
> Hi there,
>
> I have two Ethernet NICs inside a PC. I want TCP/IP packets to
> leave one NIC, go on the wire, and eventually arrive at the other NIC.
> I do not want the kernel to be smart and shortcut the path. I want the
> outside world to see the packets and to think that my two NICs are two
> PCs talking to each other.
>
> Could any networking guru answer the following questions:
>
> - Is it possible without kernel modifications? How?
AFAIK, No. Your only 2 possiblities that I could think of would
be to use policy routing or natd. Both will fail in this case.
>
> - If kernel modifications are required, how extensive
> would they be (e.g., how many hours would it take a guru
> to implement the required functionality)?
>
I'm not sure, but I would assume it would be painful.
> I am flexible as far as IP addressing scheme is concerned,
> though I would prefer to be able to put both NIC IP addresses on one
> and on separate subnets (from the outside world point of view). Again,
> I want the outside world think that these NICs are inside two PCs.
>
This is violating basic routing principles so it doesn't matter
which IP subnets you use.
> If you want to know a "use case" for this strange requirement,
> here it is: I am building an appliance to test HTTP proxies. I want an
> appliance to have one NIC for the "client side" and one NIC for the
> "server side". I want to be able to run no-proxy test through the
> networking gear (a baseline experiment testing hubs/switches for
> bottlenecks), and I want to test "transparent proxies" (clients think
> they send requests directly to servers).
>
>
There is probably a better solution than trying to hack the kernel
to do this. From the above paragraph, it sounds like you could
bridge across the 2 interfaces and do some tricks with IPFW to
direct traffic for your transparent proxy stuff. I would need
more details to be sure.
Nick Rogness <[EMAIL PROTECTED]>
- Don't mind me...I'm just sniffing your packets
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message
