From owner-freebsd-net@FreeBSD.ORG Sun Jun 8 00:24:04 2014 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 2A4BBE02 for ; Sun, 8 Jun 2014 00:24:04 +0000 (UTC) Received: from h2.funkthat.com (gate2.funkthat.com [208.87.223.18]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "funkthat.com", Issuer "funkthat.com" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id F0A6520CF for ; Sun, 8 Jun 2014 00:24:03 +0000 (UTC) Received: from h2.funkthat.com (localhost [127.0.0.1]) by h2.funkthat.com (8.14.3/8.14.3) with ESMTP id s580O0WA028314 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Sat, 7 Jun 2014 17:24:00 -0700 (PDT) (envelope-from jmg@h2.funkthat.com) Received: (from jmg@localhost) by h2.funkthat.com (8.14.3/8.14.3/Submit) id s580NxRk028313; Sat, 7 Jun 2014 17:23:59 -0700 (PDT) (envelope-from jmg) Date: Sat, 7 Jun 2014 17:23:59 -0700 From: John-Mark Gurney To: None Secure Subject: Re: Can you create a FreeBSD gateway, with private IPs, without NAT/divert ? Message-ID: <20140608002359.GJ31367@funkthat.com> Mail-Followup-To: None Secure , Erich Dollansky , "freebsd-net@freebsd.org" References: <1402122166.37214.YahooMailNeo@web162101.mail.bf1.yahoo.com> <20140607144043.3d4be435@X220.alogt.com> <1402159719.88183.YahooMailNeo@web162105.mail.bf1.yahoo.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1402159719.88183.YahooMailNeo@web162105.mail.bf1.yahoo.com> User-Agent: Mutt/1.4.2.3i X-Operating-System: FreeBSD 7.2-RELEASE i386 X-PGP-Fingerprint: 54BA 873B 6515 3F10 9E88 9322 9CB1 8F74 6D3F A396 X-Files: The truth is out there X-URL: http://resnet.uoregon.edu/~gurney_j/ X-Resume: http://resnet.uoregon.edu/~gurney_j/resume.html X-TipJar: bitcoin:13Qmb6AeTgQecazTWph4XasEsP7nGRbAPE X-to-the-FBI-CIA-and-NSA: HI! HOW YA DOIN? can i haz chizburger? X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.2.2 (h2.funkthat.com [127.0.0.1]); Sat, 07 Jun 2014 17:24:00 -0700 (PDT) Cc: "freebsd-net@freebsd.org" , Erich Dollansky X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 08 Jun 2014 00:24:04 -0000 None Secure via freebsd-net wrote this message on Sat, Jun 07, 2014 at 09:48 -0700: > Yes, but in this case BOTH IPs of the gateway - both the external and the internal interfaces - are non-routable IPs, and so is my ISP cable modem. You keep saying non-routable IPs, but really, RFC1918 addresses are only not routed on the public internet... You can route these addresses all you want in your own network, and even between networks if you and the other network agree to route them... -- John-Mark Gurney Voice: +1 415 225 5579 "All that I will do, has been done, All that I have, has not."