From owner-freebsd-questions@FreeBSD.ORG Fri Feb 17 17:29:17 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BFCB616A420 for ; Fri, 17 Feb 2006 17:29:17 +0000 (GMT) (envelope-from tedm@toybox.placo.com) Received: from mail.freebsd-corp-net-guide.com (mail.web-strider.com [65.75.192.90]) by mx1.FreeBSD.org (Postfix) with ESMTP id F29A143D49 for ; Fri, 17 Feb 2006 17:29:16 +0000 (GMT) (envelope-from tedm@toybox.placo.com) Received: from tedwin2k (nat-rtr.freebsd-corp-net-guide.com [65.75.197.130]) by mail.freebsd-corp-net-guide.com (8.11.1/8.11.1) with SMTP id k1HHT9u21146; Fri, 17 Feb 2006 09:29:09 -0800 (PST) (envelope-from tedm@toybox.placo.com) From: "Ted Mittelstaedt" To: "Greg Barniskis" , "freebsd-questions" Date: Fri, 17 Feb 2006 09:29:09 -0800 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.6604 (9.0.2911.0) X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1506 In-Reply-To: <43F5FD03.4080500@scls.lib.wi.us> Importance: Normal Cc: Subject: RE: question on NAT for multiple subnets X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 17 Feb 2006 17:29:17 -0000 I've never done it but I think you can run multiple nat instances and multiple divert sockets, you will have to specify them in the config file to natd, though. If it were me, though, I would try to setup multiple FreeBSD boxes, not only does that give you some redundancy, but it makes troubleshooting a lot easier. Ted >-----Original Message----- >From: owner-freebsd-questions@freebsd.org >[mailto:owner-freebsd-questions@freebsd.org]On Behalf Of Greg Barniskis >Sent: Friday, February 17, 2006 8:43 AM >To: freebsd-questions >Subject: question on NAT for multiple subnets > > >I'm sure I could figure this out from scrutinizing Google, the >FreeBSD documentation, and testing in a lab, but I'm particularly >pressed for time on finding the right answer to this. > >For a long time we've been quite happy coalescing all private IP >client requests onto a single public IP address through NAT. >Management now wants more granularity, at least one unique public IP >per private subnet. > >Can I set up a single ipfw box that examines client source ip addrs >and provides different public NAT addrs for each private client subnet? > >Any pointers to the best way to think about this issue much >appreciated. If the answer is ipfw doesn't handle this, but some >other fw does, fine, I just need to know which. Thanks! > > >-- >Greg Barniskis, Computer Systems Integrator >South Central Library System (SCLS) >Library Interchange Network (LINK) >, (608) 266-6348 >_______________________________________________ >freebsd-questions@freebsd.org mailing list >http://lists.freebsd.org/mailman/listinfo/freebsd-questions >To unsubscribe, send any mail to >"freebsd-questions-unsubscribe@freebsd.org" > >-- >No virus found in this incoming message. >Checked by AVG Free Edition. >Version: 7.1.375 / Virus Database: 267.15.10/263 - Release >Date: 2/16/2006 >