Date: Thu, 27 Jul 2000 01:35:32 +0200 (MEST) From: Sven Anderson <sanders@maelstrom.anderson.de> To: Nick Rogness <nick@rapidnet.com>, freebsd-net@freebsd.org Subject: Re: no static NAT for router itself? Message-ID: <Pine.LNX.4.21.0007270121420.16222-100000@maelstrom.anderson.de> In-Reply-To: <Pine.BSF.4.21.0007261204140.48391-100000@rapidnet.com>
next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE----- On Wed, 26 Jul 2000, Nick Rogness wrote: > > stoffel:~ # ifconfig -a > > ed1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 > > inet 134.76.25.223 netmask 0xffffff00 broadcast 134.76.25.255 > > inet 134.76.25.224 netmask 0xffffffff broadcast 134.76.25.224 > > inet 134.76.25.225 netmask 0xffffffff broadcast 134.76.25.225 > > > Why do you have these addresses bound to this card? Is > your provider routing them to you? There's no provider, it's a subnet of the university-network. Our three IPs aren't directly routed to us, so i have to "catch it" by Proxy-ARP. > > What does not work: > > > > Packets originating from the router to one of the external aliased IPs, > > f.e. 134.76.25.224, are nated correctly to the internal IP 172.27.7.23, > > BUT the source address of the packet is not 134.76.25.223 (the router) as > > it should be but 134.76.25.224 (the NAT-alias)! If i look at the netmask > > of the alias-interface this is actually correct, because the netmask fits > > exactly 134.76.25.224, so that the source-address is set to the IP of > > the interface, which is the same IP. To prevent this, a netmask that > > matches never is needed. > > Have you tried the -alias_address option instead of -n ? The alias_address is for the masquerading (many host share one real IP), which works fine. The problem appears only with the static 1:1 NAT IPs. > > Well, so I assumed, that defining the external IPs as alias-interfaces is > > not the right way to do static NAT (btw.: why there is no HOWTO for this, > > is static NAT really used so seldom?). So I tried catching the external > > No, I use it all of the time as (I assume) many people do. So please tell me, can you connect _from_ the NATing host to an _internal_ host by it's _public_ IP? And if yes, what is you exact setup? Thanks, Sven - -- _mailto:sven@anderson.de _tel:+49-551-9969285 _tel:+49-179-4939223 _http://tuttle.home.pages.de _irc://IRCNet/tuttle,isnick "Macht verrueckt, was Euch verrueckt macht!" (Blumfeld) -----BEGIN PGP SIGNATURE----- Version: 2.6.3i Charset: latin1 iQCVAwUBOX91zAc0fSHyIVytAQFjjAQAmLldYC1uno4ZHiUvOuftSSgHmPG2fYWD 8WyQShwxZLO2uHR8EXz+xV1gzodmVvaeg2yFngS0BEVavVrCjrSXc6bxD8MBxxgo KgDEds3zo64YmwsmELV6dt35SYHwO3yMAfC/5KEzRddW8CpCQZ5++U2bwCmZOpPw FSR8frgdChs= =xgX8 -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.4.21.0007270121420.16222-100000>