From owner-freebsd-hackers@FreeBSD.ORG Mon Oct 6 06:43:50 2003 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 892FE16A4B3 for ; Mon, 6 Oct 2003 06:43:50 -0700 (PDT) Received: from ussenterprise.ufp.org (ussenterprise.ufp.org [208.185.30.210]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8566E43FEA for ; Mon, 6 Oct 2003 06:43:47 -0700 (PDT) (envelope-from bicknell@ussenterprise.ufp.org) Received: from ussenterprise.ufp.org (bicknell@localhost [127.0.0.1]) by ussenterprise.ufp.org (8.12.9/8.12.9) with ESMTP id h96Dhk8i085394 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 6 Oct 2003 09:43:47 -0400 (EDT) Received: (from bicknell@localhost) by ussenterprise.ufp.org (8.12.9/8.12.9/Submit) id h96Dhkde085393 for freebsd-hackers@freebsd.org; Mon, 6 Oct 2003 09:43:46 -0400 (EDT) Date: Mon, 6 Oct 2003 09:43:46 -0400 From: Leo Bicknell To: freebsd-hackers@freebsd.org Message-ID: <20031006134346.GA84944@ussenterprise.ufp.org> Mail-Followup-To: freebsd-hackers@freebsd.org References: <20031004235400.GA20943@ussenterprise.ufp.org> <20031006132857.GA71659@comp.chem.msu.su> <200310051343.01251.wes@softweyr.com> <20031005193343.F47183-100000@skywalker.rogness.net> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="2oS5YaxWCcQjTEyO" Content-Disposition: inline In-Reply-To: <20031006132857.GA71659@comp.chem.msu.su> <20031005193343.F47183-100000@skywalker.rogness.net> Organization: United Federation of Planets X-PGP-Key: http://www.ufp.org/~bicknell/ Subject: Re: Changing the NAT IP on demand? X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Oct 2003 13:43:50 -0000 --2oS5YaxWCcQjTEyO Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable In a message written on Sun, Oct 05, 2003 at 08:11:05PM -0600, Nick Rogness= wrote: > In addition to keeping your NAT translations (as suggested by > Wes), you need to also keep routes for those entries as well, so > that preserved traffic remains to route out the right ISP even if > a switch occurs. You're right, however I would go with a different mechanism, but one I've also never tried to do. What you want is routing based on the source address of the packet, not the destination as per usual. You want to be able to say "source a.a.a.a goes out link A". I've never tried to do it on FreeBSD (it's easy on say Cisco's, with a bit of a performance hit on some platforms). =20 In a message written on Mon, Oct 06, 2003 at 05:28:57PM +0400, Yar Tikhiy w= rote: > Just a random thought: If natd(8) were taught to change its default > alias address on the fly (it's just a single variable,) then the > desired effect would be achieved exactly. That's because any session > already having its own entry in natd's aliasing table would use its > old alias address kept in the entry. BTW, one could switch between > even more than 2 external connections in that manner. And that's > just a step away from session-aware load-balancing with natd(8). That's exactly what I was thinking, and more or less why I asked. Note, I think this configuration would be useful in a lot of other applications as well. Consider someone who can get, say, a 128k symmetric DSL line, and a 56k up 1M down satellite link. If using this "trick" you could direct latency sensitive (ssh, telnet, ntp) traffic over the DSL line, and send bulk data (http, ftp) over the satellite link that could be quite useful. I think I'm going to have to set up a lab box now and dig into this at a deeper level. --=20 Leo Bicknell - bicknell@ufp.org - CCIE 3440 PGP keys at http://www.ufp.org/~bicknell/ Read TMBG List - tmbg-list-request@tmbg.org, www.tmbg.org --2oS5YaxWCcQjTEyO Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (FreeBSD) iD8DBQE/gXGSNh6mMG5yMTYRAkTFAJ9Rhv6q5LI6I1shQduxWUMZZiZlfQCfUWsb Y4PmF5CZ0Gzt8kJ7gakGu0Q= =3b5F -----END PGP SIGNATURE----- --2oS5YaxWCcQjTEyO--