Date: Thu, 19 Mar 2009 15:14:49 +0800 From: "Lin Zhao" <linzhao@ustc.edu.cn> To: lists@jnielsen.net, freebsd-ipfw@freebsd.org Subject: Re: pls help on 3 interfaces Message-ID: <437446889.08051@ustc.edu.cn>
next in thread | raw e-mail | index | archive | help
too much thx for Julian Elischer & John Nielsen..... i've tried it, and it seems working now, but i don't know if i'm right in setting natd2.... i just add one line in /etc/services as "natd2 8669" and run a command: natd -n fxp1 -p 8669 seems so stupid Lin 在您的来信中曾经提到: >From: John Nielsen <lists@jnielsen.net> >Reply-To: >To: freebsd-ipfw@freebsd.org, Lin Zhao <linzhao@ustc.edu.cn> >Subject: Re: pls help on 3 interfaces >Date:Wed, 18 Mar 2009 23:23:56 -0400 > >On Wednesday 18 March 2009 10:36:15 pm Lin Zhao wrote: > > hi all, wish my english is enough :-) > > my freebsd has 3 interfaces, like this, > > > > ---- ----switch1 > > > > | ---------- fxp0 | > > | > > | | |--------- > > > > internal |--------|freebsd71 | > > > > | rl0 | |--------- > > | ---------- fxp1 | > > > > ---- ----switch2 > > > > we're in the internal and want to visit outside > > we use fxp0 for default outside address and it works well > > but for some reason, i want to use fxp1 for some special outside > > address how can i do for it? > > thanks a lot. > > Is the FreeBSD box performing network address translation (NAT)? I'm going > to assume that it is and everything is being aliased through fxp0. I'm > also assuming you're using ipfw since you wrote to the ipfw list. > > If the IP addresses which you'd like to reach via fxp1 are static, you > should be able to do something like the following: > > Configure static routes on the FreeBSD machine for the the special outside > addresses using the gateway of fxp1's network as the router. > Configure an additional NAT rule (if still using natd now might be a good > time to switch to in-kernel ipfw NAT..) to alias through fxp1. > Configure ipfw to direct traffic to/from the special outside addresses to > the new NAT instance instead of the default. > > I actually used a similar setup recently. If you care to confirm my > assumptions above I can give you a more step-by-step guide. > > JN > > _______________________________________________ > freebsd-ipfw@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw > To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@freebsd.org" >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?437446889.08051>