Date: 23 Oct 2001 20:59:18 -0500 From: Kirk Strauser <kirk@strauser.com> To: freebsd-net@freebsd.org Subject: Re: Silly problem has me stumped Message-ID: <87lmi1n6h5.fsf@pooh.int> In-Reply-To: <Pine.BSF.4.33.0110240123240.98768-100000@spaz.catonic.net> References: <Pine.BSF.4.33.0110240123240.98768-100000@spaz.catonic.net>
next in thread | previous in thread | raw e-mail | index | archive | help
At 2001-10-24T01:30:35Z, Kris Kirby <kris@catonic.net> writes: > And a tidbit just surfaced from the mud! Use ipfw + natd to nat anything > that would directly come from / to the private address and use "natd -u -a > 1.2.3.1" (assumes .1 is the gateway). Careful that you don't wind up > looking at every single packet though. Ahhh... That doesn't sound too bad. Lately I've somewhat taken to ipfilter so I'll wave the appropriate translation stick at the issue. > The other solution would be to accuse your ISP of being incompentent / > cheap, etc. and complain until you get a public /30 for the WAN link. Actually, they're far and away the most competent provider in the area. Our contact is a CCNA-working-on-CCIE and really seems to know his stuff. We're also now on a dual-homed network, connected by two counter-rotating fiber rings. The rationale I heard was that this was something they went out of their way to do in order to avoid wasting public IPs on router interfaces. Coming from anyone else, I'd agree with you. From these guys, I tend to believe them. > I'm a fascist; I wouldn't have taken a link without a public WAN ip. Well, we have a whole public /24. Only the routing block is private, which I'm sure will seem like a better idea once I coerce this $@#!() FreeBSD box to bend to my will. -- Kirk Strauser To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?87lmi1n6h5.fsf>