Date:      Tue, 18 Apr 2000 15:37:29 -0400
From:      "Matthew B. Henniges" <matt@axl.net>
To:        <freebsd-stable@freebsd.org>
Subject:   nat redirection
Message-ID:  <KBEAJDGMGMDNDPICHDNHCELAEEAA.matt@axl.net>

Hello all, thanks for reading.


I am hiding the 10.0.1.0/24 network behind a FreeBSD 4.0-S box, with natd.
This network is for our desktop machines.

There are 3 IPs bound to the outer NIC (dc0):

216.66.11.23
216.66.11.90
and
216.66.11.91

and 1 IP bound to the inner NIC (dc1):
10.0.1.1

There is a W2K server on 10.0.1.200. This server is hosting some web/ftp
sites that need to be accessible to the world.

So, natd is started with:

#www and ftp mapping
redirect_port tcp 10.0.1.200:20-21 216.66.11.90:20-21
redirect_port tcp 10.0.1.200:80 216.66.11.90:80
#ftp2 mapping
redirect_port tcp 10.0.1.201:20-21 216.66.11.91:20-21


So far, so good. Here's the problem:

There are various DNS entries that point to 216.66.11.90 and 91.
If one of the clients on 10.0.1.* tries to browse/ftp to one of these, it
can't connect because the natd redirection to those only listens on the
outside nic.

What is the best way to solve this problem?

My thoughts were:

1. using some ipfw fwd rules... This seems to me like it should work,
though I was unable to get it working.

or

2. give different replies to the 10.0.1 network than I give to everybody
else..


Anybody have any ideas?

Thanks in advance-


Matthew B. Henniges
CoPresident
Axl.net Communications
http://www.axl.net
(203) 552-1714


