From owner-freebsd-current Fri Dec 4 02:12:15 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id CAA15477 for freebsd-current-outgoing; Fri, 4 Dec 1998 02:12:15 -0800 (PST) (envelope-from owner-freebsd-current@FreeBSD.ORG) Received: from relay.linet.it (relay.linet.it [194.185.24.71]) by hub.freebsd.org (8.8.8/8.8.8) with SMTP id CAA15472 for ; Fri, 4 Dec 1998 02:12:08 -0800 (PST) (envelope-from andrea.franceschini@linet.it) Received: from oma.linet.it (unverified [194.185.24.77]) by relay.linet.it (EMWAC SMTPRS 0.83) with SMTP id ; Fri, 04 Dec 1998 11:02:24 +0100 Message-ID: <007a01be1f6c$0abf70c0$4d18b9c2@oma.linet.it> Reply-To: "andrea" From: "andrea" To: "Doug White" Cc: Subject: R: ip-masquerading.natd,ip-aliasing .... Date: Fri, 4 Dec 1998 10:54:10 +0100 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 8bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 4.72.2106.4 X-MimeOLE: Produced By Microsoft MimeOLE V4.72.2106.4 Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG -----Messaggio originale----- Da: Doug White A: andrea Cc: freebsd-current@FreeBSD.ORG Data: giovedì 3 dicembre 1998 0.40 Oggetto: Re: ip-masquerading.natd,ip-aliasing .... >On Wed, 2 Dec 1998, andrea wrote: > >> I'm looking for a way to configure my intranet using natd. >> The problem is that the configuration that i need is a little unsual and i >> wonder if is applicable. >> >> The configuration is as follow: >> >> On the Same LAN : >> >> 1 - Web Server (with routable Ip-address) >> 2 - Mail Server ( "" "" "" ) >> 3 - 1 router connected to the InterNet. >> 4 - Many other boxes with not Routeble ip addresses (192.168.. ) >> >> So i have 2 subnet on the same phisical net. >> >> What i'm wondering is: >> >> It's possible to share in the same phisical Lan( eg without gateway >> with 2+ Ether Card) between 2 networks? > >If you want to use natd, you should use it's redirect_port feature instead >of mixing the networks. This way you get the filtering feature of natd >protecting your mail and web server. The downturn is that you loose >flexibility on your web server -- if you add services you'll have to set >up redirect rules for it. > >I don't know how fancy your router is, if it can be taught to natd certain >packets or not (I think ipfw can do it, not sure). > >> I'have tried assigning 2 ip address at the same interface ,and using >> this machine as a gateway on the same phisical net. > >You have to use an alias (with the netmask of that network, not >0xffffffff) on the interface to get the second IP programmed in. First of all thank you for replying!:) Now the configuration you described is pretty the same of mine. And that's the problem it doesn't works at all.:( The rule in the firewall that 'divert' the socket to natd seem to work,because i can see the counters of packets increasing.. But natd doesn't get anything ,or so seems( i set-up natd in verbose mode but nothing happens...) I need a sort of 'example' of a working configuration in order to debug the mine. Bye;) > >Doug White >Internet: dwhite@resnet.uoregon.edu | FreeBSD: The Power to Serve >http://gladstone.uoregon.edu/~dwhite | www.freebsd.org > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message