Date: Fri, 17 May 1996 18:06:07 -0700 (PDT) From: Archie Cobbs <archie@whistle.com> To: terry@lambert.org (Terry Lambert) Cc: dwhite@riley-net170-164.uoregon.edu, clintm@ICSI.Net, FreeBSD-Questions@freebsd.org Subject: Re: ip masquerading Message-ID: <199605180106.SAA00742@bubba.whistle.com> In-Reply-To: <199605172123.OAA20745@phaeton.artisoft.com> from "Terry Lambert" at May 17, 96 02:23:27 pm
next in thread | previous in thread | raw e-mail | index | archive | help
> > > Is ip masquerading available for FreeBSD? I would like to route > > > my Amiga (via NetBSD/ethernet) through my PC (FreeBSD), and I > > > only have one IP address. I had this set up in Linux, but after > > > I had a disk crash (which I don't think was Linux-related) I > > > would like to give FreeBSD a try. If there is no masquerading > > > availabe, is it being worked on? > > > > AFAIK, FreeBSD doesn't provide this capability. I doubt it ever will, sinc > > IP masqerading was considered "evil" by some of the group :-) > > Actually, the only people who believe that it is evil are those > of us who believe FreeBSD should comply with IETF standards so > that the backbone routers don't refuse to connect us to the > Internet. > > Which is to say, everyone who understands the problem. Hmmm... guess I don't understand the problem. :-) Just to make sure we're talking about the same thing, ``masquerading'' means using remapped TCP and UDP port numbers to facilitate internal hosts connecting to external servers, even though you only have one machine really talking to the Internet. You give all of the outgoing packets the same IP address but remap their source ports so when traffic comes back you know who it is really destined for, do the reverse mapping, etc.. Now, as far as the rest of the Internet is concerned, it just looks like your one IP address happens to be generating a lot of traffic, no? At least under the (not always valid) assumption that you don't run out of ports in your remapping range. What standards in particular are you referring to? Of course, some protocols (which embed address information in the packets, like FTP) will not work through this kind of hackery without even more hackery, but at least it provides a capability to certain folks who didn't have it before. Seems like it would be one's own business whether they did masquerading or not. -Archie ___________________________________________________________________________ Archie L. Cobbs, archie@whistle.com * Whistle Communications Corporation
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199605180106.SAA00742>