From owner-freebsd-hackers Fri Jan 19 13:13:45 2001 Delivered-To: freebsd-hackers@freebsd.org Received: from rapidnet.com (rapidnet.com [205.164.216.1]) by hub.freebsd.org (Postfix) with ESMTP id B736C37B69B for ; Fri, 19 Jan 2001 13:13:27 -0800 (PST) Received: from localhost (nick@localhost) by rapidnet.com (8.9.3/8.9.3) with ESMTP id OAA68925; Fri, 19 Jan 2001 14:13:24 -0700 (MST) Date: Fri, 19 Jan 2001 14:13:24 -0700 (MST) From: Nick Rogness To: Ian Kallen Cc: freebsd-hackers@freebsd.org Subject: Re: accessing an outside IP from inside a NAT net In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Fri, 19 Jan 2001, Ian Kallen wrote: > > I'd like a hand figuring out how to access resources on the internal side > of a NAT net from within it without doing something kludgey with DNS. > i.e. suppose I run natd with a configuration like this: > > # begin /etc/natd.conf > use_sockets > same_ports > port 8668 > deny_incoming no > log > redirect_port tcp 10.0.0.128:80 206.169.18.10:80 > # end /etc/natd.conf > > Now if the DNS for the web server www.foo.com running on 10.0.0.128 > directs a browser on the 10.0.0.0 net to 206.169.18.10, it doesn't get > routed back to 10.0.0.128; it just hangs (I'm acutally not sure what's > happening there, the connction never succeeds). Is there a nice way to > handle this case without running a dummy DNS just for the 10.0.0.0 > internal net? Run a firewall rule for diverting packets on your inside interface for that web server. Nick Rogness - Drive defensively. Buy a tank. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message