Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 12 Jan 2000 11:10:06 +0200
From:      Ruslan Ermilov <ru@ucb.crimea.ua>
To:        Martin Welk <mw@theatre.sax.de>
Cc:        freebsd-questions@FreeBSD.org
Subject:   Re: NATD and Public IP Addresses
Message-ID:  <20000112111006.H29173@relay.ucb.crimea.ua>
In-Reply-To: <20000112051743.C24866@theatre.sax.de>; from Martin Welk on Wed, Jan 12, 2000 at 05:17:43AM %2B0100
References:  <Pine.BSF.4.10.10001101619480.88174-100000@intertain.interlog.com> <20000111003327.C33776@extremis.demon.co.uk> <20000111030946.A14785@theatre.sax.de> <20000111110118.C18967@relay.ucb.crimea.ua> <20000112051743.C24866@theatre.sax.de>

next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Jan 12, 2000 at 05:17:43AM +0100, Martin Welk wrote:
> On Tue, Jan 11, 2000 at 11:01:18AM +0200, Ruslan Ermilov wrote:
> 
> > > (*) Public network interface addresses configured as ifconfig aliases, that
> > > means, the gateway recognizes itself as that address. When this is done, it
> > > can pass the packets through natd which changes the address and forwards
> > > them to an assigned address in the private network.
> > It is *NOT* required to bind these addresses to interface.
> 
> This is quite interesting. I always thought so yet :-) If I understand
> you right, it's enough to let natd listen to the gateway interface and
> let it know about the addresses it should work with?
> 
Natd(8) listens on divert(4) socket, not gateway interface.  Everything
that is passed by ipfw(8) to that socket, is treated by natd(8) as either
incoming or outgoing IP packet, according to rules described in divert(4).

> Interesting. What if there are further hosts next to the gateway interface
> on the Ethernet (if there is some Ethernet), does one have to do proxy ARP
> so the NAT box recognizes itself is meant for these packets or is that done
> by some routing (even static routes) ?
> 
It depends on whether these hosts are in the same network/netmask as those
serviced by natd(8) or not.

-- 
Ruslan Ermilov		Sysadmin and DBA of the
ru@ucb.crimea.ua	United Commercial Bank,
ru@FreeBSD.org		FreeBSD committer,
+380.652.247.647	Simferopol, Ukraine

http://www.FreeBSD.org	The Power To Serve
http://www.oracle.com	Enabling The Information Age


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000112111006.H29173>