From owner-freebsd-questions Wed Dec 13 4: 0:32 2000
From owner-freebsd-questions@FreeBSD.ORG Wed Dec 13 04:00:29 2000
Return-Path:
Delivered-To: freebsd-questions@freebsd.org
Received: from www.newsindex.com (www.newsindex.com [64.71.138.178])
        by hub.freebsd.org (Postfix) with ESMTP id 9834437B400
        for ; Wed, 13 Dec 2000 04:00:29 -0800 (PST)
Received: from localhost (speck@localhost)
        by www.newsindex.com (8.9.3/8.9.3) with ESMTP id EAA12183;
        Wed, 13 Dec 2000 04:00:17 -0800 (PST)
        (envelope-from speck@www.newsindex.com)
Date: Wed, 13 Dec 2000 04:00:17 -0800 (PST)
From: Sean Peck
To: cjclark@alum.mit.edu
Cc: David Raistrick, Chris Hill, freebsd-questions@FreeBSD.ORG
Subject: Re: Configuring Gateway/NAT on Freebsd
In-Reply-To: <20001212231103.H96105@149.211.6.64.reflexcom.com>
Message-ID:
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: speck@www.newsindex.com
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

>
> OK, one more time. What _exactly_ are your configs? What _exactly_ is
> and is not working? Saying "you have a machine running natd" and
> giving us the IP is not enough. You ask what natd(8) "flags" to
> use. Well, let's get the ones you are using now. All you really should
> need are the entries to start it and provide the interface or
> address.

Here are settings in rc.conf:

    natd_enabled="YES"
    natd_interface="172.16.0.1"   (I have tried this with public ip and with private ip)
    natd_program="/sbin/natd"
    natd_flags="-a xxx.xxx.xxx.xxx"   (public space address)
    gateway_enabled="YES"

In rc.local I have the alias command to force nic in this box to also
listen at 172.16.0.1 as follows

    ifconfig xl0 alias 172.16.0.1 netmask 0xffffff00

Network looks like this

ISP

1 Machine, in my network listening as both a public IP and to 172.16.0.1
This is the machine that natd is running on, and I wish to be the gateway
to my network.
Other machines behind this all in 172.16.0.x space, with their default
router set to 172.16.0.1 and netmask of 255.255.255.0

ifconfig -a :

    xl0: flags=8843 mtu 1500
            inet xx.xx.xx.xxx netmask 0xffffff00 broadcast 64.2.61.255
            inet 172.16.0.1 netmask 0xffffff00 broadcast 172.16.0.255
            ether 00:01:02:34:0b:61
            media: 10baseT/UTP
            supported media: 10baseT/UTP 10baseT/UTP 10baseT/UTP
    lp0: flags=8810 mtu 1500
    tun0: flags=8010 mtu 1500
    sl0: flags=c010 mtu 552
    ppp0: flags=8010 mtu 1500
    lo0: flags=8049 mtu 16384
            inet 127.0.0.1 netmask 0xff000000

netstat -rn:

    Destination        Gateway            Flags     Refs     Use     Netif Expire
    default            64.2.61.1          UGSc       70      257      xl0
    64.2.61/24         link#1             UC          0        0      xl0
    64.2.61.1          0:10:67:0:3b:92    UHLW       71        0      xl0    470
    127.0.0.1          127.0.0.1          UH          0      578      lo0
    172.16/24          link#1             UC          0        0      xl0

ipfw sh

    ipfw: getsockopt(IP_FW_GET): Protocol not available

(OBVIOUSLY THIS ISN'T RIGHT... )

grep natd is not showing the process running either...very weird.

> Some more things that will help us, and you, figure this out,
>
> # ifconfig
> # netstat -rn
> # ipfw sh
> # ps aux | grep natd
> Use tcpdump(8) to check where the traffic is going.
>
> --
> Crist J. Clark cjclark@alum.mit.edu
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message
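
Added example, not part of the original message or of FreeBSD's own scripts: a small lint for the rc.conf knobs a natd gateway depends on, run over a constructed fragment that mirrors the settings quoted above. It assumes the stock rc setup, where the rc scripts read gateway_enable, natd_enable and firewall_enable and natd receives packets through an ipfw divert rule; the function name lint_natd_rc and the SAMPLE_RC variable are hypothetical.

```shell
#!/bin/sh
# Added example: lint an rc.conf fragment for a natd gateway.
# Assumption: stock rc scripts, which test *_enable variables only.

# Constructed sample input mirroring the settings in the message.
SAMPLE_RC='natd_enabled="YES"
natd_interface="172.16.0.1"
natd_program="/sbin/natd"
gateway_enabled="YES"'

# Read rc.conf text on stdin, print one finding per line.
lint_natd_rc() {
    awk -F= '
        /^[ \t]*#/ { next }                  # skip comment lines
        index($0, "=") == 0 { next }         # skip non-assignments
        {
            key = $1; gsub(/[ \t]/, "", key)
            val = $2; gsub(/[" \t]/, "", val)
            seen[key] = toupper(val)
            # A variable ending in _enabled is never read by the rc scripts,
            # so the service it was meant to switch on stays off.
            if (key ~ /_enabled$/)
                printf "UNKNOWN %s (did you mean %s?)\n", key, substr(key, 1, length(key) - 1)
        }
        END {
            # Knobs that must be YES for forwarding, natd and its ipfw divert rule.
            n = split("gateway_enable natd_enable firewall_enable", need, " ")
            for (i = 1; i <= n; i++)
                if (seen[need[i]] != "YES")
                    printf "MISSING %s=\"YES\"\n", need[i]
        }'
}

# Lint the constructed fragment.
printf '%s\n' "$SAMPLE_RC" | lint_natd_rc
```

On a live system the same function can be fed /etc/rc.conf on stdin; the knob list in the END block is the part to adjust if ipfw and the divert rule are set up some other way.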