From owner-freebsd-questions@FreeBSD.ORG Thu Mar 29 18:21:15 2007
Message-ID: <460C031B.6060708@ibctech.ca>
Date: Thu, 29 Mar 2007 14:19:07 -0400
From: Steve Bertrand
To: freebsd-questions@freebsd.org
Subject: route-map and IPFW fwd

Hi all,

I think this may be more of a natd question, but I'm not sure. I'll keep this as short as possible, so if anyone thinks they can help, just ask for more info if required.

I have a dial-up pool on one interface of a Cisco router, and a DNS server on a subnet on another int.
The DNS server is to be re-ip'd (we got our own ARIN allocation and need to return our MCI assigned IPs), so I need to route-map incoming packets from the dun users pointing to the old DNS server IP, to the new one.

The route-map on the Cisco works. The fwd on the DNS server properly fwd's the packets sent to the old address to itself on the new address. The DNS server properly formulates its response, and the client receives said response.

The problem is that the DNS server is sending the result back using its new IP (which is proper), however, a FreeBSD client will drop the packet as it states something to the effect "expecting packet from old.ip.addr.ess, but received from new.ip.addr.ess".

I don't know if Windows will barf, but even if it doesn't, I need a proper solution until we can manually have our users change the hard-coded DNS server info.

Can I force the FreeBSD DNS server to rewrite the src address on the reply packet to the client so it appears as though it's coming from the old IP? I've fooled with natd, but just can't get the configuration right.

TIA,

Steve