Date: Tue, 9 Mar 2004 09:15:13 -0800 (PST)
From: asd ads <jason_highland@yahoo.com>
To: Tony Frank <tfrank@optushome.com.au>
Cc: freebsd-ipfw@freebsd.org
Subject: Re: Multiple natd and inbound web traffic
Message-ID: <20040309171513.96071.qmail@web41305.mail.yahoo.com>
In-Reply-To: <20040309112748.GB8528@marvin.home.local>

Hey Tony,

Thanks for the help. I seem to be having the same problem. Here's the ruleset:

    5 divert 8668 ip from any to any via fxp0
    5 divert 8669 ip from any to any via fxp1
    6 fwd xx.xx.12.1 ip from xx.xx.12.2 to any
    7 fwd yy.yy.34.1 ip from yy.yy.34.2 to any
    10 allow all from any to any

    /sbin/natd -p 8668 -interface fxp0 -redirect_port tcp 192.168.200.10:80 xx.xx.12.2:80
    /sbin/natd -p 8669 -interface fxp1 -redirect_port tcp 192.168.200.10:80 yy.yy.34.2:80

First connection works fine. When I try the second one I run tcpdump and see the connection come in thru yy.yy.34.2 (cable) but exits out xx.xx.12.1 due to the default route.

Any ideas?

Jason

--- Tony Frank <tfrank@optushome.com.au> wrote:
> Hi there,
>
> On Mon, Mar 08, 2004 at 11:14:17PM -0800, asd ads wrote:
> > I have the following setup below. A FreeBSD 4.9
> > machine with 3 nics fxp0, fxp1 and ed0. Fxp0 is
> > connected to my DSL connection, fxp1 is connected to
> > my Cable connection and ed0 is my internal network.
> >
> >
> >     xx.xx.12.1       yy.yy.34.1
> >     ---------        ------
> >     |  DSL  |        |Cable|
> >     ---------        ------
> >         |               |
> >          \             /
> >           \           /
> >            \         /
> >             \       /
> >              \     /
> >          fxp0 |   | fxp1
> >         .12.2 |   |.34.2
> >               |   |
> >          -----------------
> >          |      FW       |
> >          | Default route |
> >          |  xx.xx.12.1   |
> >          |               |
> >          -----------------
> >                  |
> >                  |ed0
> >                  |192.168.200.1
> >                  |
> >                  |
> >                -----
> >                |   |
> >                |   |  Web Server
> >                |   |  192.168.200.10:80
> >                |   |
> >                -----
> >
> > What I'm trying to do:
> >
> > Need to have inbound web traffic (from both
> > connections) forward to the same internal web server.
> >
> > Problem:
> >
> > When a web connection is made to xx.xx.12.2:80 (DSL),
> > it's nated to 192.168.200.10:80 (websrv) and then back
> > to the client (all is well at this point).
> >
> > The problem occurs when a connection is made to
> > yy.yy.34.2:80 (cable), it's nated with the second
> > instance of nat to 192.168.200.10:80 (websrv) but when
> > it tries to respond back to the client the default
> > route forces it back thru the first connection.
> >
> > Does anyone have a good example of a fwd & divert
> > rules that would help with this issue?
>
> Since you seem to have the nat going ok, you might just
> want to try something like this:
>
> <natd etc>
> 02100 fwd xx.xx.12.1 ip from xx.xx.12.2
> 02200 fwd yy.yy.34.1 ip from yy.yy.34.2
>
> Similar kind of thing works for my environment, though
> I am not doing exactly the same thing.
>
> Regards,
>
> Tony
>
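
Added example, not part of the original message or of FreeBSD: a simplified Python model of the outbound ipfw pass over the ruleset quoted above, tracing the web server's reply to see which natd instance and gateway it reaches. Assumptions: natd is modeled only as its static -redirect_port rewrite, a diverted packet resumes at the next higher rule number, and the client address 203.0.113.7 is constructed.

```python
# Simplified model (assumption-laden, see lead-in) of the outbound ipfw pass.
RULES = [  # (number, action, argument, match) transcribed from the posted ruleset
    (5, "divert", 8668, {"via": "fxp0"}),
    (5, "divert", 8669, {"via": "fxp1"}),
    (6, "fwd", "xx.xx.12.1", {"src": "xx.xx.12.2"}),
    (7, "fwd", "yy.yy.34.1", {"src": "yy.yy.34.2"}),
    (10, "allow", None, {}),
]
# Public side of each natd instance's -redirect_port mapping, keyed by divert port.
NATD_ALIAS = {8668: "xx.xx.12.2", 8669: "yy.yy.34.2"}
DEFAULT_ROUTE = ("fxp0", "xx.xx.12.1")  # interface and gateway from the diagram


def matches(match, pkt):
    """True when every field named in the rule equals the packet's field."""
    return all(pkt[key] == value for key, value in match.items())


def outbound(pkt):
    """Route pkt by the default route, then walk the rules; return (trace, pkt)."""
    pkt = dict(pkt, via=DEFAULT_ROUTE[0], gateway=DEFAULT_ROUTE[1])
    trace, resume = [], 0
    while True:
        for num, action, arg, match in RULES:
            if num <= resume or not matches(match, pkt):
                continue
            trace.append((num, action, arg))
            if action == "divert":
                pkt["src"] = NATD_ALIAS[arg]  # modeled natd source rewrite
                resume = num                  # reinjected after this rule number
                break
            if action == "fwd":
                pkt["gateway"] = arg          # fwd overrides the next hop
            return trace, pkt                 # fwd and allow end the search
        else:
            return trace, pkt                 # no rule matched


def reply_path(client_connected_to):
    """Trace the server's reply for a client that connected to this public IP."""
    trace, pkt = outbound({"src": "192.168.200.10", "dst": "203.0.113.7"})
    return trace, pkt, pkt["src"] == client_connected_to


if __name__ == "__main__":
    for public_ip in ("xx.xx.12.2", "yy.yy.34.2"):
        print(public_ip, reply_path(public_ip))
```

In this model the link the connection arrived on is never consulted: the default route selects fxp0, so the divert to 8668 always fires first and rule 7 never sees a yy.yy.34.2 source.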