From owner-freebsd-stable  Wed Jul 19  7:43:45 2000
Delivered-To: freebsd-stable@freebsd.org
Received: from whale.sunbay.crimea.ua (whale.sunbay.crimea.ua [212.110.138.65])
	by hub.freebsd.org (Postfix) with ESMTP id D9A0A37BD57
	for <stable@FreeBSD.ORG>; Wed, 19 Jul 2000 07:43:32 -0700 (PDT)
	(envelope-from ru@whale.sunbay.crimea.ua)
Received: (from ru@localhost) by whale.sunbay.crimea.ua (8.9.3/1.13) id RAA67373; Wed, 19 Jul 2000 17:43:14 +0300 (EEST)
Date: Wed, 19 Jul 2000 17:43:14 +0300
From: Ruslan Ermilov <ru@sunbay.com>
To: Shawn Barnhart <swb@grasslake.net>
Cc: stable@FreeBSD.ORG
Subject: Re: natd changes?
Message-ID: <20000719174314.A66673@sunbay.com>
Mail-Followup-To: Shawn Barnhart <swb@grasslake.net>, stable@FreeBSD.ORG
References: <003c01bff17e$f6d85810$0102a8c0@k6> <20000719160436.A62577@sunbay.com> <00f401bff18b$d5557940$b8209fc0@campbellmithun.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 1.0i
In-Reply-To: <00f401bff18b$d5557940$b8209fc0@campbellmithun.com>; from swb@grasslake.net on Wed, Jul 19, 2000 at 09:15:46AM -0500
Sender: owner-freebsd-stable@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Wed, Jul 19, 2000 at 09:15:46AM -0500, Shawn Barnhart wrote:
> ----- Original Message -----
> From: "Ruslan Ermilov" <ru@sunbay.com>
> 
> | Here is the summary of changes into libalias(3) and natd(8) since
> | 4.0-RELEASE:
> |
> | - Load Sharing using IP Network Address Translation (RFC 2391, LSNAT)
> | - New options: -redirect_proto, -target_addr and -punch_fw
> | - Removed -pptpalias since this is now done transparently by libalias(3)
> |
> | Note that you DO NOT need -redirect_proto for PPTP through NAT to work,
> | this is now done transparently in libalias(3) and much better:
> 
> Do you need it for passing non-PPTP, ie router-router, GRE traffic?  Or any
> of the "other" IP protocols?
> 
Yes, `-redirect_proto gre foo' will redirect non-PPTP GRE traffic to local
host `foo' while it is simultaneously possible to run PPTP from multiple
local clients and it should be handled correctly.

In other words, libalias(3) checks whether the particular GRE packet belongs
to an already established PPTP session, and if it does, it takes the proper
address from this PPTP session.  Otherwise, it checks for -redirect_proto
rules.

> | - Multiple PPTP clients behind NAT to the same or different servers.
> |
> | - Single PPTP server behind NAT -- you just need to redirect TCP
> |   port 1723 to a local machine.  Multiple servers behind NAT is
> |   possible but would require a simple API change.
> |
> | Please see manual page for details.
> 
> Which one?  Neither natd(8) or libalias(3) mentions PPTP other than to give
> the author(s) credit for writing support for it.
> 
I meant for other options like -lsnat, -punch_fw and -target_address.

I think we need to add the PPTP info to both libalias(3) and natd(8)
manpages, but it will happen after my vacation.


Cheers,
-- 
Ruslan Ermilov		Oracle Developer/DBA,
ru@sunbay.com		Sunbay Software AG,
ru@FreeBSD.org		FreeBSD committer,
+380.652.512.251	Simferopol, Ukraine

http://www.FreeBSD.org	The Power To Serve
http://www.oracle.com	Enabling The Information Age


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message