Date: Fri, 24 Oct 2014 10:38:14 -0600
From: "Gary Aitken" <vagabond@blackfoot.net>
To: freebsd-questions@freebsd.org
Subject: bridging mode, ppp tunneling, IP addrs and outgoing mail (sendmail)
Message-ID: <ad8568413640e94e8410fc7deb61e846.squirrel@webmail.blackfoot.net>

I've got a gateway currently set up as follows:

    ISP -- DSL Modem (a.b.c.d/30) -- (a.b.c.e/30) FreeBSD (a.b.c.f/30) --- internal net

The internal net uses both public IPs and private IPs via aliases on the interfaces.

The DSL modem is in bridging mode. Inside the fbsd box I'm running user ppp which is set up to pass public IPs and nat private IPs. The fbsd box is also running the mail server (sendmail).

Questions:

1. Since the modem is in bridging mode and ppp is tunneling, the IP addr on stuff sent out from the fbsd machine carries the ip addr ppp uses, which is one belonging to the ISP and not one of our assigned IP addrs. As currently set up, I'm using up 4 of the assigned IP addrs just to deal with the modem. It seems to me none of those addrs will ever appear anywhere else, so is there any reason not to use something from the set of private IPs for the fbsd -- modem connection?

2. Because the ppp connection gets the IP addr assigned by the ISP and not one from our assigned set, mail goes out with an origin IP addr which is not our own. Mail services which do reverse lookups therefore sometimes reject mail because the claimed sender domain doesn't match the reverse dns domain (or one of the mx records for the domain, not sure which). Is there a way to force sendmail to either:

   a. use an address other than the assigned one (I suspect this won't work because the IP addr causing the problem comes from the IP layer, not sendmail)

   b. direct the mail to an internal port which then takes the default route out subsequently?

   c. Can this be dealt with by assigning an alias IP addr to tun0 after ppp comes up and having sendmail send out that somehow?

   d. If necessary, the mail host could be changed to a different system on the internal network with a public ip addr. That would give the outgoing mail a public ip addr, but seems like a big hoop to jump through. Correct?

Thanks for any enlightenment,

Gary