From owner-freebsd-questions  Tue Jul  3 20:44:31 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from cody.jharris.com (cody.jharris.com [205.238.128.83])
	by hub.freebsd.org (Postfix) with ESMTP id CF14E37B405
	for <freebsd-questions@FreeBSD.ORG>; Tue,  3 Jul 2001 20:44:27 -0700 (PDT)
	(envelope-from nick@rogness.net)
Received: from localhost (nick@localhost)
	by cody.jharris.com (8.11.1/8.9.3) with ESMTP id f6459g602908;
	Wed, 4 Jul 2001 00:09:52 -0500 (CDT)
	(envelope-from nick@rogness.net)
Date: Wed, 4 Jul 2001 00:09:42 -0500 (CDT)
From: Nick Rogness <nick@rogness.net>
X-Sender: nick@cody.jharris.com
To: Andrew Reid <andrew.reid@plug.cx>
Cc: freebsd-questions@FreeBSD.ORG
Subject: Re: Static NAT using natd
In-Reply-To: <994209462.6462.14.camel@percible.alfred.cx>
Message-ID: <Pine.BSF.4.21.0107032359320.2754-100000@cody.jharris.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

On 4 Jul 2001, Andrew Reid wrote:

> Hello All,
> 
> >From the documentation that I've read, it's possible to do static NAT
> using natd. However, I have a /26 subnet that I need to run static NAT
> on.

	Yes, you can do it.  You need to look at the 'redirect_address".

> 
> Ie, I want connections from my (internal) mail server to be run out
> through 1.2.3.1, and connections from my (internal) web server to be
> run out through 1.2.3.2.
> 
> I know this is quite trivial using IPF (well, IPNAT), but it seems to be
> quite difficult to do (with natd) when there are 60-odd addresses, each
> with their own pathways.

	I don't know what you mean by "own pathways" but
	currently, if you want all inside addresses to each have their own
	unique public address you will need to add a redirect_address
	statement for EACH address...(62 host IPs) :-(

	As a side thought...
	It would be nice to have a 'pool' statement option were
	you could give this type of information like 1.2.3.0/26.  I
	suppose you could do this by changing natd a bit and keep some
	sort of state table structure keeping track of private->public 
	IP mappings...or maybe changing libalias to do it for you since it
	already kinda does this.  I feel a project coming about ;-)

> 
> Have I missed something that can allow me to use natd to do what I've
> outlined above? If so, can anyone suggest any documentation that could
> help in this circumstance?

	man natd look at redirect_address.


Nick Rogness <nick@rogness.net>
 - Keep on Routing in a Free World...
  "FreeBSD: The Power to Serve!"


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message