Date: Wed, 11 Jun 2003 21:15:29 +0300 From: Ruslan Ermilov <ru@freebsd.org> To: Ryan Wilkins <ryan@deadfrog.net> Cc: freebsd-hackers@freebsd.org Subject: Re: Policy Routing / NAT Question Message-ID: <20030611181529.GD14100@sunbay.com> In-Reply-To: <1055336153.3963.26.camel@localhost.localdomain> References: <1055336153.3963.26.camel@localhost.localdomain>
next in thread | previous in thread | raw e-mail | index | archive | help
--EXKGNeO8l0xGFBjy
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Wed, Jun 11, 2003 at 08:55:53AM -0400, Ryan Wilkins wrote:
> Hello..
>=20
> I'm setting up a TCP protocol testbed for testing various enhanced TCP
> stacks for use over high bandwidth, high latency links such as
> Satellite. Due to hardware limitations of the FreeBSD boxes we're using
> (1U rackmount), there are no expansion slots left for additional network
> cards. This forces me to have to run some traffic over one gateway and
> the rest of the traffic over another gateway, all through one ethernet.=
=20
> The problem I have is I need to change the source address of some
> packets based on destination address. I was able to accomplish this in
> Linux using Source NAT. I'm not real well versed in FreeBSD hence the
> reason I'm asking for any assistance here. Does anyone have an idea how
> to change the source address based on destination address?
>=20
If all of these possible source addresses belong to the same interface of
the box in question (it's unclear from your message), this can be done
with route(8). For example:
# ifconfig rl0 inet
rl0: flags=3D8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
inet 192.168.4.115 netmask 0xffffff00 broadcast 192.168.4.255
inet 10.0.0.1 netmask 0xff000000 broadcast 10.255.255.255
inet 10.0.0.2 netmask 0xffffffff broadcast 10.0.0.2
# route add -net 11 10.0.0.3
add net 11: gateway 10.0.0.3
# route add -net 12 -ifa 10.0.0.2 10.0.0.4
add net 12: gateway 10.0.0.4
The route to the network 12 says to use 10.0.0.2 as the source
address when sending anonymous (with unfilled source address)
datagrams.
But if you need to change the traffic originated from other
hosts on your box, there are several NAT solutions for you.
Cheers,
--=20
Ruslan Ermilov Sysadmin and DBA,
ru@sunbay.com Sunbay Software Ltd,
ru@FreeBSD.org FreeBSD committer
--EXKGNeO8l0xGFBjy
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (FreeBSD)
iD8DBQE+53HBUkv4P6juNwoRAgB9AJ9EjaUds/k7vcSjDhJDEKa2IDLQ0wCfQQiY
UM0DBNXNzSBDQC+EuIaTAPg=
=eiuM
-----END PGP SIGNATURE-----
--EXKGNeO8l0xGFBjy--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030611181529.GD14100>