From owner-freebsd-pf@freebsd.org Sun Feb 5 21:00:16 2017 Return-Path: Delivered-To: freebsd-pf@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 67C33CD1E40 for ; Sun, 5 Feb 2017 21:00:16 +0000 (UTC) (envelope-from bugzilla-noreply@FreeBSD.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 458D51556 for ; Sun, 5 Feb 2017 21:00:16 +0000 (UTC) (envelope-from bugzilla-noreply@FreeBSD.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id v15L01fT016582 for ; Sun, 5 Feb 2017 21:00:16 GMT (envelope-from bugzilla-noreply@FreeBSD.org) Message-Id: <201702052100.v15L01fT016582@kenobi.freebsd.org> From: bugzilla-noreply@FreeBSD.org To: freebsd-pf@FreeBSD.org Subject: Problem reports for freebsd-pf@FreeBSD.org that need special attention Date: Sun, 05 Feb 2017 21:00:16 +0000 X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 05 Feb 2017 21:00:16 -0000 To view an individual PR, use: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=(Bug Id). The following is a listing of current problems submitted by FreeBSD users, which need special attention. These represent problem reports covering all versions including experimental development code and obsolete releases. Status | Bug Id | Description ------------+-----------+--------------------------------------------------- Open | 203735 | Transparent interception of ipv6 with squid and p 1 problems total for which you should take action. From owner-freebsd-pf@freebsd.org Tue Feb 7 12:12:57 2017 Return-Path: Delivered-To: freebsd-pf@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 35E2ACD14CA for ; Tue, 7 Feb 2017 12:12:57 +0000 (UTC) (envelope-from Paul.Pathiakis@gd-ms.com) Received: from az25dmzegs02.gd-ms.com (az25dmzegs02.gd-ms.com [63.226.32.83]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "az25dmzegs02.gd-ms.com", Issuer "Go Daddy Secure Certificate Authority - G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 1A23418DD for ; Tue, 7 Feb 2017 12:12:56 +0000 (UTC) (envelope-from Paul.Pathiakis@gd-ms.com) Received: from unknown (HELO az25sec06.localdomain) ([10.240.16.97]) by az25dmzegs02.gd-ms.com with ESMTP/TLS/DHE-RSA-AES256-SHA; 07 Feb 2017 05:11:47 -0700 Received: from azrc4smsg23.rc4s.com (azrc4smsg23.rc4s.com [10.242.60.73]) by az25sec06.localdomain (Postfix) with ESMTP id CC2DC1140036 for ; Tue, 7 Feb 2017 05:11:46 -0700 (MST) Received: from azrc4sazmsg12.rc4s.com ([169.254.2.215]) by azrc4smsg23.rc4s.com ([10.242.60.73]) with mapi id 14.03.0319.002; Tue, 7 Feb 2017 05:11:44 -0700 From: "Paul.Pathiakis@gd-ms.com" To: "freebsd-pf@freebsd.org" Subject: NAT'ing same IP spaces Thread-Topic: NAT'ing same IP spaces Thread-Index: AdKBOBNCwBqVoYxwTJOLlZ7IQsOXyw== Date: Tue, 7 Feb 2017 12:11:43 +0000 Message-ID: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.245.246.55] MIME-Version: 1.0 X-Content-Scanned: Fidelis Mail Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.23 X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Feb 2017 12:12:57 -0000 Hi, I have two sites, A and B, one is a mirror of the other. They have all the= same machines as their counterparts in the other site. They are in the 10= .10.10.x/24 address space I have a new repository machine that needs to get backups from all the mach= ines in both networks despite having the same IPs. One set connects to a switch on a 10.10.2.x/24 space and the other a 10.10.= 4.x/24 space on VLAN(s) on a switch. There are some strange gyrations that= people go through to PXEboot any of the machines with a DHCP to get an add= ress on the 10.10.2/24 or 10.10.4/24 and access things through the switch. I'm trying to think of a simple way with NAT and rdr to get the repository = to accept connections from a machine placed anywhere external to both sites= and be able to send a restore to the proper machine in either of the netwo= rks. None of the existing machines in either site can be modified by adding/chan= ging firewall settings or implementing NAT More detail... site A on 10.10.10.1 needs to be backed up via 10.10.2/24 as= does 10.10.10.10 in Site B but on 10.10.4/24. They need to talk to the repository. At one point, someone may need to res= tore. How can I differentiate between the machines in the two networks tha= t have the same IP? I can place the repository machine anywhere in the net= work but not in the sites themselves. Do I need multiple machines? Should I just have multiple cards on the repo= sitory machine? Thank you! P.