Date: Fri, 4 Dec 1998 10:54:10 +0100 From: "andrea" <andrea.franceschini@linet.it> To: "Doug White" <dwhite@resnet.uoregon.edu> Cc: <freebsd-current@FreeBSD.ORG> Subject: R: ip-masquerading.natd,ip-aliasing .... Message-ID: <007a01be1f6c$0abf70c0$4d18b9c2@oma.linet.it>
next in thread | raw e-mail | index | archive | help
-----Messaggio originale----- Da: Doug White <dwhite@resnet.uoregon.edu> A: andrea <andrea.franceschini@linet.it> Cc: freebsd-current@FreeBSD.ORG <freebsd-current@FreeBSD.ORG> Data: giovedì 3 dicembre 1998 0.40 Oggetto: Re: ip-masquerading.natd,ip-aliasing .... >On Wed, 2 Dec 1998, andrea wrote: > >> I'm looking for a way to configure my intranet using natd. >> The problem is that the configuration that i need is a little unsual and i >> wonder if is applicable. >> >> The configuration is as follow: >> >> On the Same LAN : >> >> 1 - Web Server (with routable Ip-address) >> 2 - Mail Server ( "" "" "" ) >> 3 - 1 router connected to the InterNet. >> 4 - Many other boxes with not Routeble ip addresses (192.168.. ) >> >> So i have 2 subnet on the same phisical net. >> >> What i'm wondering is: >> >> It's possible to share in the same phisical Lan( eg without gateway >> with 2+ Ether Card) between 2 networks? > >If you want to use natd, you should use it's redirect_port feature instead >of mixing the networks. This way you get the filtering feature of natd >protecting your mail and web server. The downturn is that you loose >flexibility on your web server -- if you add services you'll have to set >up redirect rules for it. > >I don't know how fancy your router is, if it can be taught to natd certain >packets or not (I think ipfw can do it, not sure). > >> I'have tried assigning 2 ip address at the same interface ,and using >> this machine as a gateway on the same phisical net. > >You have to use an alias (with the netmask of that network, not >0xffffffff) on the interface to get the second IP programmed in. First of all thank you for replying!:) Now the configuration you described is pretty the same of mine. And that's the problem it doesn't works at all.:( The rule in the firewall that 'divert' the socket to natd seem to work,because i can see the counters of packets increasing.. But natd doesn't get anything ,or so seems( i set-up natd in verbose mode but nothing happens...) I need a sort of 'example' of a working configuration in order to debug the mine. Bye;) > >Doug White >Internet: dwhite@resnet.uoregon.edu | FreeBSD: The Power to Serve >http://gladstone.uoregon.edu/~dwhite | www.freebsd.org > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?007a01be1f6c$0abf70c0$4d18b9c2>