Subject: nat with one nic?
To: None <netbsd-help@netbsd.org>
From: Mohan Khurana <mkhurana@andrew.cmu.edu>
List: netbsd-help
Date: 07/28/2001 10:45:23
netbsd users,
I'm really interested in using NetBSD to set up a router that can do NAT on
a DSL connection that I will be setting up in my apartment in the next few
weeks after I start my next semester of school. The ISP will be Verizon,
and I've discovered that Verizon requires all users to use pppoe to "dial
in" to obtain access to the internet. This is another good reason why
I'd like to have a firewall. I'd like to have the firewall initiate the
pppoe connection and reconnect if there is ever a disruption, allowing my
systems at home to essentially have an always-on connection, and removing
the need to "dial up" when I want internet.
I've set up a test router before on FreeBSD/i386 using ipfilter a long
time ago. This situation is different from the previous one in that I
want to use an existing Sun Sparcstation LX as the router. The system has
a 4GB hard disk, 96 Megs of RAM, onboard ethernet. This situation is also
different from what I've done in the past in that I'd like to create a
router with only one ethernet interface.
Most router configurations I've seen have two ethernet interfaces, one of
them is connected to a hub, that lets people plug in for access to the
network. People who plug into this hub can be in the private IP
space. The other NIC connects to the DSL/Cable/other internet
connection. ipfilter handles the NAT translation between them.
What I'd like to do with this sparc, is first of all wipe Solaris 7 off of
it. :) Then I'd like to put netbsd on it and use its single built-in NIC
to create the full router. I'd like to connect its NIC to a hub, connect
the DSL modem to the uplink of the hub, and connect clients to the
hub. Clients on the hub would be in the 10. private ip space and would
speak to the sparc router, which has a nic that is also in the 10. range.
It's after this that I get confused. If I try to initiate the pppoe
connection, would it try to incorrectly communicate with the clients on my
network, rather than trying to communicate with the DSL modem? Let's
assume that it somehow does manage to create a ppp interface; I should
have no problem doing ipfilter nat and filtering between the interface
name and ppp (the internet), right?
Does anyone see anything wrong with this strategy so far?
thanks for your help,
mohan
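Added example (not from the original post or from NetBSD itself): an ipnat.conf and ipf.conf pair for the one-NIC setup described above, NATing the poster's 10. clients out over the PPPoE link and filtering between the two interfaces. It assumes the Sparc's onboard ethernet shows up as le0 and that the PPPoE session comes up as ppp0.

```conf
# /etc/ipnat.conf  (assumed names: le0 = onboard NIC, ppp0 = PPPoE link)
# Rewrite everything from the 10/8 clients that leaves via ppp0 to the
# address ppp0 was given by the ISP (0/32 means "this interface's address").
map ppp0 10.0.0.0/8 -> 0/32 portmap tcp/udp 40000:60000
map ppp0 10.0.0.0/8 -> 0/32

# /etc/ipf.conf
# ipf passes any packet no rule matches, so block everything first and
# then open only what the router needs.
block in all
block out all
# Anti-spoofing: a private source address must never arrive from the
# internet side, since the DSL modem and the clients share one hub.
block in log quick on ppp0 from 10.0.0.0/8 to any
# Let the NATed sessions out and keep state, so only their replies are
# let back in on ppp0.
pass out quick on ppp0 proto tcp from any to any flags S keep state
pass out quick on ppp0 proto udp from any to any keep state
pass out quick on ppp0 proto icmp from any to any keep state
# Router <-> client traffic on the shared segment.
pass in quick on le0 from 10.0.0.0/8 to any
pass out quick on le0 from any to 10.0.0.0/8
```

ipf filters IP only; the PPPoE discovery and session frames that travel over le0 to the modem are not IP and are invisible to these rules, which is also why they do not collide with the 10. traffic on the same wire.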