From owner-freebsd-net Wed Jul 26 16:35:51 2000 Delivered-To: freebsd-net@freebsd.org Received: from mail.cweg.goe.net (stoffel.cweg.stud.uni-goettingen.de [134.76.25.223]) by hub.freebsd.org (Postfix) with ESMTP id C243437B78F for ; Wed, 26 Jul 2000 16:35:47 -0700 (PDT) (envelope-from sanders@maelstrom.anderson.de) Received: from maelstrom.cweg.stud.uni-goettingen.de ([134.76.25.224] helo=maelstrom.anderson.de ident=sanders) by mail.cweg.goe.net with esmtp (Exim 2.053 #1) id 13HaiD-0004gL-00; Thu, 27 Jul 2000 01:35:41 +0200 Date: Thu, 27 Jul 2000 01:35:32 +0200 (MEST) From: Sven Anderson Reply-To: Sven Anderson To: Nick Rogness , freebsd-net@freebsd.org Subject: Re: no static NAT for router itself? In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org -----BEGIN PGP SIGNED MESSAGE----- On Wed, 26 Jul 2000, Nick Rogness wrote: > > stoffel:~ # ifconfig -a > > ed1: flags=8843 mtu 1500 > > inet 134.76.25.223 netmask 0xffffff00 broadcast 134.76.25.255 > > inet 134.76.25.224 netmask 0xffffffff broadcast 134.76.25.224 > > inet 134.76.25.225 netmask 0xffffffff broadcast 134.76.25.225 > > > Why do you have these addresses bound to this card? Is > your provider routing them to you? There's no provider, it's a subnet of the university-network. Our three IPs aren't directly routed to us, so i have to "catch it" by Proxy-ARP. > > What does not work: > > > > Packets originating from the router to one of the external aliased IPs, > > f.e. 134.76.25.224, are nated correctly to the internal IP 172.27.7.23, > > BUT the source address of the packet is not 134.76.25.223 (the router) as > > it should be but 134.76.25.224 (the NAT-alias)! If i look at the netmask > > of the alias-interface this is actually correct, because the netmask fits > > exactly 134.76.25.224, so that the source-address is set to the IP of > > the interface, which is the same IP. To prevent this, a netmask that > > matches never is needed. > > Have you tried the -alias_address option instead of -n ? The alias_address is for the masquerading (many host share one real IP), which works fine. The problem appears only with the static 1:1 NAT IPs. > > Well, so I assumed, that defining the external IPs as alias-interfaces is > > not the right way to do static NAT (btw.: why there is no HOWTO for this, > > is static NAT really used so seldom?). So I tried catching the external > > No, I use it all of the time as (I assume) many people do. So please tell me, can you connect _from_ the NATing host to an _internal_ host by it's _public_ IP? And if yes, what is you exact setup? Thanks, Sven - -- _mailto:sven@anderson.de _tel:+49-551-9969285 _tel:+49-179-4939223 _http://tuttle.home.pages.de _irc://IRCNet/tuttle,isnick "Macht verrueckt, was Euch verrueckt macht!" (Blumfeld) -----BEGIN PGP SIGNATURE----- Version: 2.6.3i Charset: latin1 iQCVAwUBOX91zAc0fSHyIVytAQFjjAQAmLldYC1uno4ZHiUvOuftSSgHmPG2fYWD 8WyQShwxZLO2uHR8EXz+xV1gzodmVvaeg2yFngS0BEVavVrCjrSXc6bxD8MBxxgo KgDEds3zo64YmwsmELV6dt35SYHwO3yMAfC/5KEzRddW8CpCQZ5++U2bwCmZOpPw FSR8frgdChs= =xgX8 -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message