From: Josh Paetzel
To: "Jason C. Wells"
Cc: freebsd-questions@freebsd.org
Date: Mon, 22 Dec 2003 23:09:59 +0000
Subject: Re: Routing to External IPs from Internal IPs
Message-ID: <20031222230959.GH32419@ns1.tcbug.org>

On Mon, Dec 22, 2003 at 06:07:24PM -0800, Jason C. Wells wrote:
> I would like to be able to set the DNS settings for my internal network to
> 209.20.215.30 and 209.20.215.31. The internal network is addressed as
> 192.168.1/24.
>
> How can I route from the internal addresses, through the internal
> interface of the firewall, to the external interface of the firewall, back
> through the port address translation to my internal nameservers?
>
> If this question is too arcane, please refer me to the correct
> documentation. I don't even know where to start. Routing has always just
> magically worked on FreeBSD. I would think it would be possible to add
> some sort of manual route to the routing tables, but what do I know.
>
> The idea is to allow roamers to roam and never have to change any of their
> configuration settings, namely their DNS settings.
>
> Split DNS obviously can handle all other settings such as mail, time, web
> and so forth. Handling the DNS settings themselves, which are by IP
> address, proves more difficult.
>
> Thanks,
> Jason C. Wells
>

I'm not entirely sure I understand exactly what you are asking, but in answer to one of your questions, yes, you can add manual routes to the routing tables with the route command. Whether this is what you want to do or not is another issue altogether.

You may wish to set up a /30 subnet if you have a block of IPs to work with and then use nat to push them through your router.

As far as roamers needing to change their DNS settings, I roam all over the place and use the same DNS servers all the time. Perhaps all you need is someone to run slave DNS servers for you...you could easily forward port 53 tcp/udp through nat to your internal nameservers.

HTH,

Josh Paetzel