From: Matt Simerson
To: freebsd-hackers@freebsd.org
Date: Thu, 11 Apr 2002 09:24:24 -0400
Subject: Is natd the right tool?
Message-Id: <70BBF3C4-4D4F-11D6-8065-00306553B5E4@blockads.com>

Natd is a very cool tool for doing stuff like redirecting connections from an external network to an internal one but I'm having a slightly different problem.

I have a single host with one public interface:

    host - fxp0 = 192.168.7.251

Also on this same host is a bunch more IPs on the loopback interface:

    host - lo0 = 127.0.0.1
                 127.0.0.2
                 .....

On each of the loopback addresses I have a DNS server listening. This part works just fine:

    matt@matt: {101} % dig www.foo.com @127.0.0.2
    ;; ANSWER SECTION:
    www.foo.com. 1D IN A 207.89.154.94

What I want to be able to do is send a DNS query to the external interface of the machine on a non-standard port and have it redirect the query to a loopback address/port and return the appropriate query result to me.

So, after reading the man page several times, I've tried using natd like this:

    natd -n fxp0 -redirect_port udp 127.0.0.2:53 192.168.7.251:55

However, doing so simply gets me a connection refused when I send it a query like this:

    matt@matt: {102} % dig -p 55 @192.168.7.251 www.foo.com
    ; <<>> DiG 8.3 <<>> -p @192.168.7.251 www.foo.com
    ; (1 server found)
    ;; res options: init recurs defnam dnsrch
    ;; res_nsend to server 192.168.7.251: Connection refused
    matt@matt: {103} %

I'm not exactly certain why it's failing. Is this the best approach to solving this problem? Is there a better way to go about this?

Matt
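
The redirect the message asks for can also be done in user space rather than with natd. The following is an added example, not part of the original message and not a diagnosis of the natd failure: it relays UDP datagrams from a listening address to a loopback DNS server and returns the answer to the client. The function names are hypothetical; the addresses in the `__main__` block are the ones from the message.

```python
import socket
import threading

BUF = 4096  # large enough for a DNS-over-UDP message, including EDNS0 sizes


def forward_once(front, backend_addr, timeout=2.0):
    """Relay one datagram from `front` to the backend; True if it was answered."""
    query, client = front.recvfrom(BUF)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as back:
        back.settimeout(timeout)
        back.connect(backend_addr)  # connected socket: only the backend can reply
        back.send(query)
        try:
            reply = back.recv(BUF)
        except (socket.timeout, ConnectionRefusedError):
            return False            # backend silent or port closed: drop the query
    front.sendto(reply, client)     # reply leaves from the address the client queried
    return True


def start_relay(listen_addr, backend_addr):
    """Bind listen_addr and relay in a background thread; returns (bound_addr, stop)."""
    front = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    front.bind(listen_addr)
    front.settimeout(0.2)           # wake up regularly to notice the stop flag
    bound = front.getsockname()
    stop = threading.Event()

    def loop():
        while not stop.is_set():
            try:
                forward_once(front, backend_addr)
            except socket.timeout:
                continue            # no query arrived in this interval
        front.close()

    threading.Thread(target=loop, daemon=True).start()
    return bound, stop


if __name__ == "__main__":
    # Addresses from the message; binding port 55 requires root.
    addr, stop = start_relay(("192.168.7.251", 55), ("127.0.0.2", 53))
    print("relaying", addr, "-> 127.0.0.2:53; Ctrl-C to stop")
    try:
        threading.Event().wait()
    except KeyboardInterrupt:
        stop.set()
```

The relay handles one query at a time, and the backend sees every query as coming from a loopback address, so any source-based access control on the DNS server no longer distinguishes remote clients.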