From owner-freebsd-isp  Sun Feb 11 20: 2:39 2001
Delivered-To: freebsd-isp@freebsd.org
Received: from cody.jharris.com (cody.jharris.com [205.238.128.83])
	by hub.freebsd.org (Postfix) with ESMTP id E99FE37B401
	for <isp@FreeBSD.ORG>; Sun, 11 Feb 2001 20:02:36 -0800 (PST)
Received: from localhost (nick@localhost)
	by cody.jharris.com (8.11.1/8.9.3) with ESMTP id f1C4Ocr34049;
	Sun, 11 Feb 2001 22:24:38 -0600 (CST)
	(envelope-from nick@rogness.net)
Date: Sun, 11 Feb 2001 22:24:38 -0600 (CST)
From: Nick Rogness <nick@rogness.net>
X-Sender: nick@cody.jharris.com
To: Ryan Thompson <ryan@sasknow.com>
Cc: phil grainger <phil@ozxpress.com.au>, isp@FreeBSD.ORG
Subject: Re: ip redirection
In-Reply-To: <Pine.BSF.4.21.0102112116290.84942-100000@ren.sasknow.com>
Message-ID: <Pine.BSF.4.21.0102112150530.31897-100000@cody.jharris.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Sun, 11 Feb 2001, Ryan Thompson wrote:

> phil grainger wrote to isp@FreeBSD.ORG:
> 
> > hi,
> > our isp recently got a satellite feed and i managed to get the squid
> > talking via the sat ip's ...
> > 
> > no i am wanting to use the satellite for incoming ftp and incoming napster 
> > traffic.
> > 

	Incoming to your machine in via the sat?  or incoming to your BSD
	machine out via the sat from your clients?

> > our servers run a 203. (land line) and 209. (satellite) networks our 
> > clients use
> > 203. ip's

	You didn't provide enough details for anyone to help you.  How is
	your BSD machine connected, how are your clients connected?

> > 
> > our clients gateway is a freebsd 3-stable machine although i can change that
> > to a linux 2.2 box (of course i would prefer the freebsd solution!)
> > 
> > the freebsd box is running ipnat and ipfw

	ipfw fwd X.X.X.X tcp from any to any 21

	Where X.X.X.X is the ip of the next hop Sat router IP.  Of course,
	I am assuming that outbound ftp be redirected because I still
	don't see how your network is laid out...

	I need more details.

> 
> I think you're making this more complicated than it should be.  You can't
> route specific ports with IP--you can only route subnets.  (Imagine how

	Sure you can, otherwise things like transparent proxy
	suuport would not be doable.  It's just not a good idea...most of
	the time.  For this implementation it is perfectly doable.

> large routing tables would get if multiplexed by 64K possible port
> addresses :-)  

	Of course you wouldn't do that on BGP ;-)


Nick Rogness <nick@rogness.net>
- Keep on routing in a Free World...  
  "FreeBSD: The Power to Serve!"




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message