Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 2 Sep 2001 18:16:36 -0400 (EDT)
From:      Kenneth W Cochran <kwc@world.std.com>
To:        freebsd-stable@freebsd.org
Subject:   NAT with >1 gateway interface
Message-ID:  <200109022216.SAA27826@world.std.com>

next in thread | raw e-mail | index | archive | help
Hello:

How do I "properly" set up NAT on a system that "transmits"
and "receives" on different interfaces?

Briefly - Machine A receives on fxp0 & transmits on ppp0.
I'd like to use a 2nd Ethernet on Machine A (fxp1) for the
"NAT"ed/masqueraded network.

Scenario:

Machine A:
- Running RELENG_4 as of 2001/08/28, scheduled to update again
  2001/09/01 (thus one reason I'm asking on -stable :).
- Connected to a "hybrid" aka "1-way" cable-modem,
- "Receives" via cablemodem/Ethernet (fxp0, config'ed as 10.0.0.11/24)
- "Transmits/outgoing" is via analog dial-modem & ppp(d).
- "Real" ip-address is established by (kernel) pppd (pppd0,
  note the "d" :), and is "officially" dynamic, even though
  it always (at least right now) gets the same ip-address.
- Runs cache-only nameserver.
- Has been running in this manner for about 1.5 years.
- (recently) Has 2nd NIC (fxp1), connected to hub for private network.

Machine B:
- Has private ip-address on "its" fxp0.
- Connected via hub to 2nd NIC (fxp1) on Machine A.

I've followed the instructions from the Handbook, Section
18.10, Network Address Translation with regard to kernel &
rc.conf configuration, etc.

Machines A & B can talk to each other; I can ping & ssh from/to
either one.  Machine A communicates "outside" (with the
Internet) as usual, but Machine B cannot.

I'm thinking something needs to be tweaked in the ipfw and/or
natd-config(s).  Suggestions?  Also, where would be the best place(s)
to put these "customizations" (for example, so as to not be any
more "disruptive" than necessary to the base-OS configs)?
Does it matter whether the ppp(d)-link is up before/after
ipfw/natd configuration?

Of course, FAQ/-doc/readme pointers are quite welcome.  :)
Please cc replies to me.

Many thanks,

-kc

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200109022216.SAA27826>