From owner-freebsd-net@FreeBSD.ORG Wed Jan 26 18:38:24 2005 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2F91016A4CE for ; Wed, 26 Jan 2005 18:38:24 +0000 (GMT) Received: from smtp.freemail.gr (smtp.freemail.gr [213.239.180.35]) by mx1.FreeBSD.org (Postfix) with ESMTP id 76F6743D58 for ; Wed, 26 Jan 2005 18:38:23 +0000 (GMT) (envelope-from dionch@freemail.gr) Received: by smtp.freemail.gr (Postfix, from userid 101) id B56BBBC030; Wed, 26 Jan 2005 20:38:21 +0200 (EET) Received: from R3B (unknown [62.38.162.62])by smtp.freemail.gr (Postfix) with ESMTP id 0EE4EBC024;Wed, 26 Jan 2005 20:38:16 +0200 (EET) Message-ID: <007601c503d6$026bc8b0$0100000a@R3B> From: "Chris Dionissopoulos" To: "Mihai Nitulescu" , "Thomas M. Skeren III" , "Brian Reichert" References: <20050126181654.2832.qmail@web30402.mail.mud.yahoo.com> Date: Wed, 26 Jan 2005 20:36:46 +0200 MIME-Version: 1.0 Content-Type: text/plain;format=flowed;charset="iso-8859-1"; reply-type=original Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.2180 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180 cc: freebsd-net@freebsd.org cc: Mihai Nitulescu Subject: Re: public ip address behind nat X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Chris Dionissopoulos List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 Jan 2005 18:38:24 -0000 1. Dont add any alias to rl1, just keep 192.168.0.254/24 2. Delete all ip/masks of app.example.com. 3. Add 193.231.43.26/32 as ip/mask to app.example.com 4. Do a "route add 192.168.0.254/32 -interface ($nic) -cloning on app.example.com 5. and "route add default 192.168.0.254" on app.example.com 6. Delete all ip/masks on rl0 only, of nat.example.com 7. Add 193.231.43.33/32 as ip/mask to nat.example.com (rl0). 8. Do a "route add nat_gateway/32 -interface rl0 -cloning" on nat.example.com 9. and "route add default nat_gateway" on nat.example.com 10. and "route add 193.231.43.26/32 -interface rl1 -cloning" on nat.example.com worked? Chris. > Hi all, > > Here is what i have done so far. > > i worked only on the nat.ex.com > > internet > | > | > ________rl0(193.23143.33)________ > | | > | nat.example.com | > | | > |_______rl1(192.168.0.254)________| > | > _____|______ > |___________| switch > | | > -------------------------------| |----------------------| > LAN _xl0(193.231.43.26) > | > | > | > app.example.com | > | > ________________| > > > > OK, > So I created on nat.example.com on rl1 a virtual interface > ifconfig rl1 alias 193.231.43.25 255.255.255.248 > After that i created a route for this new interface > route add 193.231.43.25 193.231.43.33 -iface > > So now i can ping rl1 rl0 & internet from the app.example.com but i cannot > access this machine from the internet. > > Any thoughts on that ?? > > rgds > > Mihai > > > > > > > > "Thomas M. Skeren III" wrote: > Brian Reichert wrote: > > On Mon, Jan 24, 2005 at 03:21:19PM -0800, Mihai Nitulescu wrote: > > In the LAN i have the other machine application.example.comI have some > Public IP`s from my ISP : 193.231.43.25-30 255.255.255.248 I want to > assign to application.example.com 193.231.43.27 and to route this ip > trough nat.example.com Any ideea how can i do that ? > I'm having problems with your setup. Is Application.example.com at > 193.531.43.27 or is it on the lan with an internal address? > > If it's internal, then machines on the lan can see the internal IP, so > there's no reason for it to have a public address. If machines outside > the lan need to get to app.ex.com, then use natd_flags in rc.conf and > point the ports you need opened on app to the local addy of app, and use > the NAT's external addy for the external users of app. That would be the > easiest way if you don't want to give an external addy to app. > > Of course the easiest way is to just give app an external addy and plug it > into the ISP supplied router. Unless app is a M$ box, of course. > See 'redirect_address' in natd(8).I believe you'll also need to assign > your public IPs to the externalinterface of your NAT box.I have a similar > setup, but I need to review just what I've doneto make that work... > > Please help. Regards, Mihai > > > > > > --------------------------------- > Do you Yahoo!? > Yahoo! Search presents - Jib Jab's 'Second Term' > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" ____________________________________________________________________ http://www.freemail.gr - δωρεάν υπηρεσία ηλεκτρονικού ταχυδρομείου. http://www.freemail.gr - free email service for the Greek-speaking.