FreeBSD router, ppp, 1 ethernet, squid caching plausible?

The ideal setup:
Code:
DSL Router --> eth1 --> FreeBSD --> eth0 --> Local Network

The ideal setup, which I've researched and which seems common, is one where FreeBSD acts as a firewall between the internet and the local network, and where I believe it is possible to have squid running as a transparent proxy for caching purposes. This setup requires two ethernet interfaces for physical separation between the router and the local network.

However, I do not yet have an active DSL line or two ethernet interfaces, so I cannot test whether the following modified configuration is plausible.

Physical layout:
Code:
DSL Modem --> Local Network --> eth0 --> FreeBSD

The logical data flow I would like to achieve:
Code:
Client --> eth0 --> FreeBSD --> PPPoE --> Internet

Here FreeBSD has only one ethernet interface, namely eth0, routing traffic between PPPoE and the local network attached on eth0. FreeBSD should act as the router, with the transparent proxy acting as a caching server, and DHCP and DNS are managed by FreeBSD.

Is this a realistic setup, as well as the assumption that the ppp connection may replace eth1 as depicted in the ideal setup?

Any suggestions and corrections would be greatly appreciated,
Thank you.
 
It is possible to use a configuration like this, but all the internet traffic will pass the FreeBSD ethernet interface twice. Usually, a setup like this does not allow transparent caching.
You will have to define two subnets: one for the WAN Router to FreeBSD server link ((1) below), the second for the FreeBSD server to local clients ((2) below).
Your clients will require a default gateway set to FreeBSD's IP address, and the caching server needs IP forwarding to be active, either in /etc/rc.conf:
Code:
gateway_enable="YES"
or in /etc/sysctl.conf:
Code:
net.inet.ip.forwarding=1

This setup can be circumvented easily if your WAN router does not have a firewall configured to allow only the proxy server.

The numbers below denote the (sub)network number.
Code:
internet 
   `-> wan router (1)
          `-> switch
                 (1),(2)- FreeBSD server 
                     (2)- proxy client 1
                     (2)- proxy client 2
                      |
                     (2)- proxy client n
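
The circumvention risk described in the reply above can be checked against a host inventory. The following is an added example, not part of the original thread: it models the one-switch, two-subnet layout and reports which hosts reach the WAN router without passing through FreeBSD, with and without a router firewall that forwards only the server's address. All addresses, host names and function names are constructed assumptions.

```python
import ipaddress

# Constructed addressing plan (assumption; the thread gives no addresses).
WAN_NET = ipaddress.ip_network("192.168.1.0/24")   # subnet (1)
LAN_NET = ipaddress.ip_network("10.0.0.0/24")      # subnet (2)
WAN_ROUTER = ipaddress.ip_address("192.168.1.1")
FREEBSD = {ipaddress.ip_address("192.168.1.2"),    # server address in (1)
           ipaddress.ip_address("10.0.0.1")}       # server address in (2)


def first_hop(host_ip, gateway, router_allow=None):
    """Classify a host's internet path from its address and default gateway.

    router_allow: source addresses the WAN router's firewall forwards,
    or None when the router has no such filter.
    """
    ip = ipaddress.ip_address(host_ip)
    gw = ipaddress.ip_address(gateway)
    # A default gateway is only usable if it is on the host's own subnet.
    net = next((n for n in (WAN_NET, LAN_NET) if ip in n), None)
    if net is None or gw not in net:
        return "no-route"
    if gw in FREEBSD:
        return "via-freebsd"
    if gw == WAN_ROUTER:
        allowed = router_allow is None or ip in router_allow
        return "direct" if allowed else "blocked"
    return "no-route"


def bypassing_hosts(hosts, router_allow=None):
    """Names of non-server hosts that reach the internet without FreeBSD."""
    return [name for name, ip, gw in hosts
            if ipaddress.ip_address(ip) not in FREEBSD
            and first_hop(ip, gw, router_allow) == "direct"]


# Constructed inventory: (name, address, default gateway).
HOSTS = [
    ("client1", "10.0.0.21", "10.0.0.1"),        # configured as intended
    ("client2", "192.168.1.50", "192.168.1.1"),  # re-addressed into subnet (1)
    ("client3", "10.0.0.23", "192.168.1.1"),     # gateway off-link: no route
]

if __name__ == "__main__":
    print("no router filter:", bypassing_hosts(HOSTS))
    print("router allows only FreeBSD:",
          bypassing_hosts(HOSTS, {ipaddress.ip_address("192.168.1.2")}))
```

Because both subnets share one switch, only the router-side filter changes the result for a host that has been re-addressed into subnet (1).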
 
Thank you for your information, I will hopefully comment on the finished setup once I am able to do so.
 
Possible, but highly not recommended.

NICs start at about 20 bucks (100 meg will be fine for PPPoE). Get another one in the box?
 