Date: Sun, 19 May 1996 00:10:16 -0500 From: Clint Marek <clintm@ICSI.Net> To: Archie Cobbs <archie@whistle.com> Cc: terry@lambert.org, dwhite@riley-net170-164.uoregon.edu, FreeBSD-Questions@FreeBSD.org, bmah@cs.berkeley.edu Subject: Re: ip masquerading Message-ID: <319EAD38.3F54BC7E@icsi.net> References: <199605182006.NAA05459@bubba.whistle.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Archie Cobbs wrote: > You seem to be implying that masquerading is ``detectable'' in some > way by external machines, that is, that somehow it's going to screw > up (or make angry) other routers on the Internet. This completely > escapes me. > > In other words, if you're saying it violates some protocol, then that > violation should be visible on the wire between the masquerading host > and the rest of the Internet. Can you describe what that violation is? > > Remember, we're talking about a situation where the hosts behind the > masquerading host are on a ``leaf'' network, without any other route > to the Internet. Obviously, it would be totally screwey otherwise. > > So as far as the Internet, the IETF, the protocol police, and everybody > else is concerned, there's only a single host at this site and it's > obeying all the rules! If you disagree, then the burden of proof is on > you to quote the relevant RFC's. > This is what I was using masquerading for. I did not want the possibility of a connection being initiated from the internet. I used reserved "unrouteable" IPs (192.168.*.*) on the ethernet, and my gateway/router/masquerader/firewall was my PC connected to the net via PPP. I was not aware that masquerading was unique/specific to Linux. Does the router-in-a-box from BSDi use socks? They advertise needing only one IP address to connect an ethernet to the internet. BTW, the Linux masquerading home page is http://www.indyramp.com/masq/ Clint
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?319EAD38.3F54BC7E>