Date: Sun, 5 Oct 2003 11:47:04 -0400
From: Don Bowman <don@sandvine.com>
To: 'Leo Bicknell' <bicknell@ufp.org>, freebsd-hackers@freebsd.org
Subject: RE: Changing the NAT IP on demand?
Message-ID: <FE045D4D9F7AED4CBFF1B3B813C85337035E39E8@mail.sandvine.com>

From: Leo Bicknell [mailto:bicknell@ufp.org]
>
> I'm considering options for a new project, and I think I've discovered
> what I think is the best idea, but I don't think current software
> supports the config.  I'd like to get some confirmation, and comments on
> if it would be hard to implement.
>
> Consider:
>
>
> ISP #1-------\
>               \
>                FreeBSD Box----LAN
>               /
> ISP #2-------/
>
> In this case the LAN would be 1918 space, the two ISPs would each
> provide a public IP for the FreeBSD box.
>
> Now, NAT would be required.  What I want to do is write an external
> application to decide the performance of ISP #1 and ISP #2, and
> somehow tell NAT which outside address to use.
>
> That, by itself, is not hard.  Here's the trick.  I want the switch
> to be seamless.  That is, if NAT is translating to ISP #1 and the
> application says switch to #2 the existing translations to #1 (until
> they go away naturally) should be kept, while new ones go to #2.
>
> The only ways I know to change the outside address seem to tear down
> all existing connections.
>
> Is it possible to make this work today?  Would it be hard to fix if
> it doesn't work today?

I wonder if ipfw stateful rules can be used to keep sessions
bound to the same instance of natd, thus keeping the same
external address for the duration of the layer-4 session?