From owner-freebsd-net@FreeBSD.ORG Wed Jan 26 18:16:56 2005 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7F8BE16A4CF for ; Wed, 26 Jan 2005 18:16:56 +0000 (GMT) Received: from web30402.mail.mud.yahoo.com (web30402.mail.mud.yahoo.com [68.142.200.105]) by mx1.FreeBSD.org (Postfix) with SMTP id 69F4943D2F for ; Wed, 26 Jan 2005 18:16:55 +0000 (GMT) (envelope-from mihaissa@yahoo.com) Received: (qmail 2834 invoked by uid 60001); 26 Jan 2005 18:16:55 -0000 Comment: DomainKeys? See http://antispam.yahoo.com/domainkeys DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; b=N9KrKQkbOtesexrhlKLUyI+OEGcARFallTMnLAYp83pxWN/Z0ic4Ikc3CAEVxeZdM9fyHpvEOvgOtkQ9O09PpXrKNbA0zpYrrXKLcJiiO9W0kKLC3gNIV9yfXp90O9BDeQbSdIfyvjGfihyc7uGddVIxBvkV0IXKwwvGvT4Lubw= ; Message-ID: <20050126181654.2832.qmail@web30402.mail.mud.yahoo.com> Received: from [193.231.73.33] by web30402.mail.mud.yahoo.com via HTTP; Wed, 26 Jan 2005 10:16:54 PST Date: Wed, 26 Jan 2005 10:16:54 -0800 (PST) From: Mihai Nitulescu To: "Thomas M. Skeren III" , Brian Reichert In-Reply-To: <41F6D2F2.9070605@fskklaw.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Content-Filtered-By: Mailman/MimeDel 2.1.1 cc: freebsd-net@freebsd.org cc: Mihai Nitulescu Subject: Re: public ip address behind nat X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 Jan 2005 18:16:56 -0000 Hi all, Here is what i have done so far. i worked only on the nat.ex.com internet | | ________rl0(193.23143.33)________ | | | nat.example.com | | | |_______rl1(192.168.0.254)________| | _____|______ |___________| switch | | -------------------------------| |----------------------| LAN _xl0(193.231.43.26) | | | app.example.com | | ________________| OK, So I created on nat.example.com on rl1 a virtual interface ifconfig rl1 alias 193.231.43.25 255.255.255.248 After that i created a route for this new interface route add 193.231.43.25 193.231.43.33 -iface So now i can ping rl1 rl0 & internet from the app.example.com but i cannot access this machine from the internet. Any thoughts on that ?? rgds Mihai "Thomas M. Skeren III" wrote: Brian Reichert wrote: On Mon, Jan 24, 2005 at 03:21:19PM -0800, Mihai Nitulescu wrote: In the LAN i have the other machine application.example.comI have some Public IP`s from my ISP : 193.231.43.25-30 255.255.255.248 I want to assign to application.example.com 193.231.43.27 and to route this ip trough nat.example.com Any ideea how can i do that ? I'm having problems with your setup. Is Application.example.com at 193.531.43.27 or is it on the lan with an internal address? If it's internal, then machines on the lan can see the internal IP, so there's no reason for it to have a public address. If machines outside the lan need to get to app.ex.com, then use natd_flags in rc.conf and point the ports you need opened on app to the local addy of app, and use the NAT's external addy for the external users of app. That would be the easiest way if you don't want to give an external addy to app. Of course the easiest way is to just give app an external addy and plug it into the ISP supplied router. Unless app is a M$ box, of course. See 'redirect_address' in natd(8).I believe you'll also need to assign your public IPs to the externalinterface of your NAT box.I have a similar setup, but I need to review just what I've doneto make that work... Please help. Regards, Mihai --------------------------------- Do you Yahoo!? Yahoo! Search presents - Jib Jab's 'Second Term'