From owner-freebsd-questions@FreeBSD.ORG  Mon Mar 12 18:20:59 2007
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 76D7E16A402
	for <freebsd-questions@freebsd.org>;
	Mon, 12 Mar 2007 18:20:59 +0000 (UTC)
	(envelope-from wayne@manor.msen.com)
Received: from manor.msen.com (manor.msen.com [148.59.4.66])
	by mx1.freebsd.org (Postfix) with ESMTP id 35C2913C45D
	for <freebsd-questions@freebsd.org>;
	Mon, 12 Mar 2007 18:20:59 +0000 (UTC)
	(envelope-from wayne@manor.msen.com)
Received: from manor.msen.com (localhost [127.0.0.1])
	by manor.msen.com (8.12.11/8.12.11) with ESMTP id l2CHvD66072243
	for <freebsd-questions@freebsd.org>;
	Mon, 12 Mar 2007 12:57:13 -0500 (EST)
	(envelope-from wayne@manor.msen.com)
Received: (from wayne@localhost)
	by manor.msen.com (8.12.11/8.12.11/Submit) id l2CHvDgZ072242
	for freebsd-questions@freebsd.org; Mon, 12 Mar 2007 12:57:13 -0500 (EST)
	(envelope-from wayne)
Date: Mon, 12 Mar 2007 12:57:13 -0500
From: "Michael R. Wayne" <wayne@staff.msen.com>
To: freebsd-questions@freebsd.org
Message-ID: <20070312175713.GF16373@manor.msen.com>
Mail-Followup-To: freebsd-questions@freebsd.org
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.4.2.1i
Subject: natd and jails for multipel IP addresses
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 12 Mar 2007 18:20:59 -0000

I'm trying to add a second IP address to an existing jail
using natd and I must be missing something.  

Setup:
   HOST_IP	The host, attached to fxp0
   JAIL_IP	The existing, working jail
   2ND_IP	The IP address I'm trying to natd to the jail

I've got ipfw rules to catch traffic to/from the new IP and nothing
blocking them:
   00300 divert 8668 ip from any to 2ND_IP via fxp0
   00310 divert 8668 ip from 2ND_IP to any via fxp0

natd is running with:
   /sbin/natd -log -verbose -redirect_address JAIL_IP 2ND_IP -alias_address JAIL_IP

But, natd seems to be translating the source, not the dest IP:
   % ping 2ND_IP
yields:
   Out {default}[ICMP] [ICMP] HOST_IP -> 2ND_IP 8(0) aliased to
	      [ICMP] JAIL_IP -> 2ND_IP 8(0)

Whereas, I would expect this to do:
   HOST_IP -> 2ND_IP
translated to
   HOST_IP -> JAIL_IP
and the reverse.

WTH am I missing here?

/\/\ \/\/