From: William Palfreman
To: Badaceanu Emanuel
Cc: freebsd-questions@freebsd.org
Date: Wed, 23 Apr 2003 14:42:14 +0100 (BST)
Subject: Re: Troubleshoting with nat

On Wed, 23 Apr 2003, Badaceanu Emanuel wrote:

> Hello,
> I have two subnets Class C and I tried to make nat
> between two network cards and the results of my works
> it is:
> - ping from the computer situated in the network 1 on
> the first card it's ok;
> - ping from the computer situated in the network 1 on
> the second card it's ok;
> But, ping from the computer situated in the network 1
> on the other computer situated in the network 2 it's
> failed.

Sounds right. You are natting one network into the other, so pings from the natted network are getting through, but are labelled as coming from the NAT router; pings coming the other way don't, because they can only see the one host. That is what many-to-one nat is supposed to do: hide a whole network behind one external IP address.

I think you don't want to NAT between them, you want to route. For one, I suspect (correct me if I'm wrong) that these two networks are LANs, and are in LAN address space. I find it hard to believe you have been allocated one class C subnet by IANA, let alone two. Maybe if you were a co-lo, and then you would probably have guys around who already knew what to do.

So, are they both LANs? If so, just route between them. Static routeing using the "route add" command should be fine. Leave NAT for the gateway to the Internet proper.

Bill.
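
The routed setup suggested in the reply above, as an added example that is not part of the original message: rc.conf entries for the two-card FreeBSD box and for a host on each LAN. The addresses (192.168.1.0/24, 192.168.2.0/24, the router's .1 address on each) and the labels lan1/lan2 are assumptions made for illustration; the thread gives no addressing.

```sh
# Constructed addressing (assumption, not from the thread):
#   network 1 = 192.168.1.0/24, router's card on it = 192.168.1.1
#   network 2 = 192.168.2.0/24, router's card on it = 192.168.2.1

# --- /etc/rc.conf on the FreeBSD box with the two network cards ---
# Both LANs are directly connected, so it needs no "route add" itself;
# it only has to forward packets between its interfaces.
gateway_enable="YES"      # sets net.inet.ip.forwarding=1 at boot
# Without rebooting: sysctl net.inet.ip.forwarding=1

# --- /etc/rc.conf on a FreeBSD host in network 1 ---
# Needed only if this host's default gateway is not 192.168.1.1.
static_routes="lan2"      # "lan2" is a label chosen here
route_lan2="-net 192.168.2.0/24 192.168.1.1"
# One-off equivalent: route add -net 192.168.2.0/24 192.168.1.1

# --- /etc/rc.conf on a FreeBSD host in network 2 ---
# Needed only if this host's default gateway is not 192.168.2.1.
static_routes="lan1"
route_lan1="-net 192.168.1.0/24 192.168.2.1"
# One-off equivalent: route add -net 192.168.1.0/24 192.168.2.1

# Check from a network 1 host; with routing instead of NAT the echo
# request reaches network 2 with its original source address:
#   ping 192.168.2.10     (192.168.2.10 is a constructed host address)
#   netstat -rn           (shows the 192.168.2.0/24 route via 192.168.1.1)
```

A ping succeeds only when both ends have a route back to the other, so the entry on network 2 hosts matters as much as the one on network 1.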