Date: Sat, 12 Jun 2004 21:01:01 +0100 From: Stacey Roberts <stacey@vickiandstacey.com> To: Kevin Stevens <freebsd@pursued-with.net> Cc: Stacey Roberts <stacey@vickiandstacey.com> Subject: Re: NAT vs Public IP Range info needed, please Message-ID: <20040612200101.GH392@crom.vickiandstacey.com> In-Reply-To: <3E86B392-BCA4-11D8-8DC5-000A95D7C3C6@pursued-with.net> References: <20040612164622.GE392@crom.vickiandstacey.com> <3E86B392-BCA4-11D8-8DC5-000A95D7C3C6@pursued-with.net>
next in thread | previous in thread | raw e-mail | index | archive | help
--uHXdqxJKu4m6W3Gg
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
Hi Kevin,
Thanks for replying.
----- Original Message -----
From: "Kevin Stevens <freebsd@pursued-with.net>"
To: To Stacey Roberts
Date: Sat, 12 Jun, 2004 20:11 BST
Subject: Re: NAT vs Public IP Range info needed, please
>=20
> On Jun 12, 2004, at 09:46, Stacey Roberts wrote:
>=20
> >The ISP's DSL package includes 8 static ip addresses: -
> >1 - network addr
> >1 - broadcast addr
> >1 "router" address
> >5 usable ip addresses
>=20
> >The -redirect_address syntax is as follows:
> >-redirect_address localIP publicIP
> >localIP The internal IP address of the LAN client.
> >publicIP The external IP address corresponding to the LAN=20
> >client.
>=20
> >What I would like to know is if it is possible to do to following: -
> >Given that the 5 usable public IP's are: 1.1.1.4, 1.1.1.5, 1.1.1.6,=20
> >1.1.1.7 & 1.1.1.8
> >1] G'Way host is assigned its own public IP - 1.1.1.3
> >2] LAN hosts' (all) traffic is NAT'd using one of the other public=20
> >IP's - 1.1.1.4
> >3] Remaining 4 public IP addresses are left to be used other purposes=20
> >(eg: "true" address redirection to a DMZ-host, that is not a member of=
=20
> >the internal LAN subnet)
>=20
> Not sure I understand (it would help if you used a real public /29 to=20
> illustrate, your example doesn't follow legal subnet rules). in 1)=20
> above, the gateway host ip has to come out of the usable address pool,=20
> which you designate .4 - .8. So in 1) you could have the gateway IP as=
=20
> .4. In 2) You have .5 assigned for many-one NATing (in the Linux world=
=20
> they'd call this ip masquerading). In 3) you'd have THREE public=20
> addressed left that could be used for one-one NAT.
Well.., despite the actual IP addresses used, you've got the general pictur=
e correct there. What I'm after is to be able to define an IP address that =
is *not* that which is assigned to the publicly-facing interface of the gat=
eway as the nat ip address for internal lan hosts.
>=20
> >As you see, the g'way's public ip is not being used for NAT'ing=20
> >internal hosts' outgoing traffic, but another ip from within the=20
> >assignied public ip address range. My reading of the NAT chapter does=20
> >not suggest that there is a way to define the public IP with which=20
> >traffic is to be translate. Is this functionality not supported, or=20
> >have I missed something when reading the various sections?
>=20
> It is AFAIK, they just don't use it in the example.
I've seen your follow-up mail arrive, where you've included the pointer to =
the alias -switch to natd(8). Cheers for that.., I'll have a read and try t=
o work this out.
Thanks again for taking the time.
Regards,
Stacey
>=20
> KeS
>=20
> _______________________________________________
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.o=
rg"
--uHXdqxJKu4m6W3Gg
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.8
iQEVAwUBQMtg+udvY+8mWFvRAQELvAf8DMf7ps0k9VaivhBlkBNUXp5J4PeQ/Yur
WDjkl5RH3Nd/crKyhtygAGG2gMvAnz3RaNUjr6SdJqrN9BhgYWBAmIUx7AfhMQsF
GE3A7cYDAEuohh1D/y93ZYTE8voSphP4BJlfoAIO4EXham//Fq2zBKFrhBZlCqfr
AXVV3gewFKlxN/qvIpCa/DTdQSw0ZWVvlO5hXrrRxv2d1pW/3cov7iDh8787g5aP
/4+KPDJR1/qM0qYV9RhepBn975d2QBTrw3NwR97DM9ILCMAIXO1ZBm7b4OUoUYVE
60InizgBYYV/mTuB1yXTffxcMNBPfJ5bdj0Jo9qHMnWMc7Ew1PWv8Q==
=e+rR
-----END PGP SIGNATURE-----
--uHXdqxJKu4m6W3Gg--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040612200101.GH392>