From owner-freebsd-questions@FreeBSD.ORG Thu Jan 15 14:32:20 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 39BA216A4CE for ; Thu, 15 Jan 2004 14:32:20 -0800 (PST) Received: from mail.seekingfire.com (coyote.seekingfire.com [24.72.10.212]) by mx1.FreeBSD.org (Postfix) with ESMTP id A86E943D67 for ; Thu, 15 Jan 2004 14:32:18 -0800 (PST) (envelope-from tillman@seekingfire.com) Received: by mail.seekingfire.com (Postfix, from userid 500) id 15220E0; Thu, 15 Jan 2004 16:32:18 -0600 (CST) Date: Thu, 15 Jan 2004 16:32:17 -0600 From: Tillman Hodgson To: freebsd-questions@freebsd.org Message-ID: <20040115223217.GQ468@seekingfire.com> References: <20040114163043.GL415@seekingfire.com> <200401141827.30569.ajacoutot@lphp.org> <200401151710.01743.ajacoutot@lphp.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <200401151710.01743.ajacoutot@lphp.org> X-Habeas-SWE-1: winter into spring X-Habeas-SWE-2: brightly anticipated X-Habeas-SWE-3: like Habeas SWE (tm) X-Habeas-SWE-4: Copyright 2002 Habeas (tm) X-Habeas-SWE-5: Sender Warranted Email (SWE) (tm). The sender of this X-Habeas-SWE-6: email in exchange for a license for this Habeas X-Habeas-SWE-7: warrant mark warrants that this is a Habeas Compliant X-Habeas-SWE-8: Message (HCM) and not spam. Please report use of this X-Habeas-SWE-9: mark in spam to . X-GPG-Key-ID: 828AFC7B X-GPG-Fingerprint: 5584 14BA C9EB 1524 0E68 F543 0F0A 7FBC 828A FC7B X-GPG-Key: http://www.seekingfire.com/gpg_key.asc X-Urban-Legend: There is lots of hidden information in headers User-Agent: Mutt/1.5.5.1i Subject: Re: Loading balancing with more than one ISP. X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 15 Jan 2004 22:32:20 -0000 On Thu, Jan 15, 2004 at 05:10:01PM +0100, Antoine Jacoutot wrote: > On Thursday 15 January 2004 16:41, Dirk Meyer wrote: > > Thats easy on your router: > > #!/bin/sh > > gateway1="10.10.10.1" > > gateway2="10.10.10.2" > > dmz="10.10.20.0/24" > > lan="10.10.30.0/24" > > ipfw add fwd ${gateway2} ip from ${dmz} to any > > ipfw add fwd ${gateway1} ip from ${lan} to any > > Thanks... but the thing is that I already tried this, but I have dynamic IPs > and I need NAT... > I just sent a new mail to the list, if you can check it out, my configuration > is explained. I NAT with IPFilter (ipnat, really) rather than IPFW (natd, really) so I can't help with IPFW. But in ipnat you can NAT to an interface and thus it follows IP changes. Taking my previous example and getting more specific, here's my NAT on my dynamic IP on an ADSL line to CVSup12 (if you'll recall, my goal was to eliminate "system" traffic from the main link and thus CVSup was among the items moved to the ADSL link): # ... cvsup12.freebsd.org map rl2 from 192.168.23.0/24 to 128.46.156.46/32 -> rl2/32 This is a good example because I'm NATing to a specific interface (rl2) rather than to an IP (which can change with DHCP fairly regularly). But it's also a bad example because I'm sending traffic to cvsup12 by specific IP and this will break if they ever change IP's ;-) Ah well, if that happens the daily email will show it and I'll adjust it for the next days run. So it works not-too-bad for this application. -T -- "If you do not feel yourself growing in your work and your life broadening and deepening, if your task is not a perpetual tonic to you, you have not found your place." - Orison Swett Marden {1850-1924 Founder of Success Magazine}