Date: Wed, 14 Jan 2004 22:20:22 +0100
From: Nils Vogels <nivo+sender+8eb026@yuckfou.org>
To: freebsd-net@freebsd.org
Subject: Re: Routing Networks
Message-ID: <4005B296.8040201@yuckfou.org>
In-Reply-To: <56020.148.243.211.1.1074064019.squirrel@mail.unixmexico.com>

Nicolás de Bari Embríz G. R. wrote:

>Hi all, I need some help routing or making Nat on a LAN.
>
>I have something like this:
>
>
>               I N T E R N E T
>              -----------------
>                ^             ^
>                |             |
>fxp0        public IP     public IP
>                |             |
>         FreeBSD server  LINUX server
>                |             |
>dc0 192.168.10.1              |
>dc1 192.168.1.1    ^     192.168.1.3
>         ^         |          ^
>         |         |          |
>         |         |          |
>            ----------------
>            |  Switch/Hub  |
>            ----------------
>               |        |
> ------------------   -----------------
>| LAN A            | | LAN B           |
>| 192.168.10.2-254 | | 192.168.1.4-100 |
> ------------------   -----------------
>
>I have running a FreeBSD server as a gateway and DHCP, the server shares
>the Internet to all the computers on LAN A (192.168.10.0/24).
>
>The server has 3 network cards:
>
>fxp0 is public IP.
>dc0 is the gateway for the LAN A "192.168.10.1".
>dc1 has IP 192.168.1.1 ( need help with this ).
>
>
>Right now I am just using fxp0 and dc0 so any computer on the LAN A
>"192.168.10.2-254" can have Internet, my ipnat.rules file looks like this:
>
>--
>map fxp0 192.168.10.1/24 -> 0/32 portmap tcp/udp auto
>map fxp0 192.168.10.1/24 -> 0/32
>--
>
>until that point everything just works OK.
>
>There is another network, I will call it LAN B, this LAN makes the same
>thing that I am doing with the FreeBSD Server, but instead it uses LINUX,
>the machine has 2 network cards.
>
>eth0 has a public IP.
>eth1 is the gateway for the LAN B "192.168.1.3"
>
>
>Both networks are connected to the same switch/hub, but now I need that
>the computers of LAN A can see "ping" computers on LAN B.
>
>

You need to tell the Linux server that it can reach the clients on LAN A
via the 192.168.1.1 IP address. This can be done by putting a route in
the routing table of the Linux box, along the lines of this command:

    route add -net 192.168.10.0/24 gw 192.168.1.1

Of course, the syntax might be slightly off.

If you *REALLY REALLY* cannot make this change on the Linux box (really,
it's only minor, nothing to worry about for its sysadmin) you could try
to NAT the traffic when going from LAN A to the server. This however
will only make connections /FROM/ LAN A /TO/ the Linux box possible.
Connections /TO/ LAN A /FROM/ the Linux box will not be possible.

This should work with an ipnat rule that goes something along the lines
of:

    map dc1 192.168.10.0/24 -> 192.168.1.1/32 portmap tcp/udp auto
    map dc1 192.168.10.0/24 -> 192.168.1.1/32

HTH & HAND

-- 
Simple guidelines to happiness:
Work like you don't need the money, love like your heart has never been
broken and dance like no one can see you.

Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4005B296.8040201>
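
The return-path reasoning in the reply above, modelled as an added example that is not part of the original message: it runs a longest-prefix route lookup on the Linux box for each option. The /24 mask on eth1, the default gateway 203.0.113.1 and the client address 192.168.10.50 are constructed assumptions.

```python
import ipaddress

LAN_A = ipaddress.ip_network("192.168.10.0/24")

# Linux box routes before any change. The /24 mask on eth1 and the default
# gateway 203.0.113.1 (documentation range) are assumptions, not from the thread.
LINUX_BASE = [
    ("192.168.1.0/24", "on-link", "eth1"),
    ("0.0.0.0/0", "203.0.113.1", "eth0"),
]
# Option 1 in the reply: static route to LAN A via the FreeBSD dc1 address.
LINUX_WITH_ROUTE = LINUX_BASE + [("192.168.10.0/24", "192.168.1.1", "eth1")]


def lookup(table, dst):
    """Longest-prefix match; returns (next_hop, interface)."""
    dst = ipaddress.ip_address(dst)
    matches = [(ipaddress.ip_network(p), hop, dev) for p, hop, dev in table
               if dst in ipaddress.ip_network(p)]
    net, hop, dev = max(matches, key=lambda m: m[0].prefixlen)
    return hop, dev


def nat_on_dc1(src):
    """Option 2: 'map dc1 192.168.10.0/24 -> 192.168.1.1/32' rewrites the source."""
    return "192.168.1.1" if ipaddress.ip_address(src) in LAN_A else src


def reply_route(table, client, nat=False):
    """Route the Linux box picks for the reply to a packet sent by `client`."""
    seen_src = nat_on_dc1(client) if nat else client
    return lookup(table, seen_src)


if __name__ == "__main__":
    client = "192.168.10.50"  # constructed LAN A host
    print("no change      :", reply_route(LINUX_BASE, client))
    print("static route   :", reply_route(LINUX_WITH_ROUTE, client))
    print("NAT on dc1     :", reply_route(LINUX_BASE, client, nat=True))
    # With NAT only, a connection started from the Linux side still has no
    # route into LAN A and follows the default route out eth0.
    print("Linux -> LAN A :", lookup(LINUX_BASE, client))
```

In the unchanged case the reply to a private 192.168.10.x address follows the default route out the public interface, which is why the ping never returns.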
