Date: Mon, 6 Aug 2001 17:54:57 -0700
From: "Crist J. Clark"
To: Tabor Kelly
Cc: freebsd-questions@FreeBSD.ORG
Subject: Re: natd redirect_port only works from the outside
Message-ID: <20010806175457.B449@blossom.cjclark.org>
Reply-To: cjclark@alum.mit.edu

On Mon, Aug 06, 2001 at 03:24:59PM -0700, Tabor Kelly wrote:
> Yes, I figured this out when I found this (from you):
> http://docs.freebsd.org/cgi/getmsg.cgi?fetch=1133854+0+archive/2000/freebsd-questions/20000924.freebsd-questions
>
> Well, now that I know that this is expected (my old Linksys router did
> not have this issue), I think I will just live with it.
>
> Out of curiosity, what does it take to split my DNS?

It greatly depends on how you are running DNS right now. Do you run
your own DNS server?

Of course, in the example you gave, you are using IP addresses. If you
actually are using IP addresses and not hostnames to do stuff, this is
no help. In split DNS, somehost.mydom.org will map to 63.105.29.28 for
the outside world and 192.168.0.10 (or whatever) for your local net.

> Also, what does
> "ugly, ugly NAT games" consist of? I have yet to see a solution
> documented.

I've never tried to do it, but there seem to be three approaches, (1)
sneak the traffic you want to redirect on the internal interface
through the one existing natd(8) process, (2) run a second instance of
natd(8) for the interior interface, or (3) use some other, more
lightweight, method of doing the redirect than natd(8).

If you can find a piece of software or method that fits your needs,
(3) is probably best. After that, doing (2) and using natd(8) just to
do a couple of redirects is a bit of overkill and you're not using
natd(8) the way it was really meant to be used which makes it more
likely you will run into problems and have a harder time getting
help. Finally (1) is even farther from how natd(8) was meant to work
and could screw up stuff that is working OK now.
-- 
Crist J. Clark                           cjclark@alum.mit.edu
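
Added example, not part of the original message: the split-DNS mapping described above, sketched as a BIND 9 named.conf using views. BIND 9 as the name server, the 192.168.0.0/24 LAN range, the ACL name and the zone file paths are assumptions; the hostname and the two addresses are the ones given in the message.

```conf
// Assumption: the local net is 192.168.0.0/24 (the message only gives
// 192.168.0.10 "or whatever" as an internal address).
acl "lan" { 127.0.0.1; 192.168.0.0/24; };

// Views are matched in order, so the internal view must come first.
// Once any view is defined, every zone has to live inside a view.
view "internal" {
    match-clients { "lan"; };
    recursion yes;                 // LAN clients may resolve other names too
    zone "mydom.org" {
        type master;
        file "internal/mydom.org.zone";   // hypothetical path
        // contains:  somehost  IN  A  192.168.0.10
    };
};

view "external" {
    match-clients { any; };
    recursion no;                  // authoritative answers only for outsiders
    zone "mydom.org" {
        type master;
        file "external/mydom.org.zone";   // hypothetical path
        // contains:  somehost  IN  A  63.105.29.28
    };
};

// Each zone file also needs its own SOA and NS records. Keeping the
// files separate means the 192.168.0.x addresses are never served to
// clients outside the "lan" ACL.
```

Running named-checkconf on the file before reloading named catches a zone left outside a view or an unbalanced brace.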