Date:      Sat, 27 Dec 1997 21:19:10 -0800
From:      "Eric C. S. Dynamic" <ecsd@transbay.net>
To:        questions@freebsd.org
Cc:        brian@awfulhak.org
Subject:   Re: NAT question(s)
Message-ID:  <34A5E14E.41C67EA6@transbay.net>
References:  <199712262316.XAA09295@awfulhak.demon.co.uk>

> It really is as simple as the natd/sample/natd.test script.  All natd
> is doing is looking at the interface's IP number, and changing all
> outgoing stuff so that the source IP is its own.  The `changing'
> involves remembering the change so that packets coming back can be
> un-NAT'd.  You don't have to tell it what you want to translate as
> it's figured out based on the direction of the packet.

I have a 'gateway' box:

{office machines} ==> ed3 (192.168.254.2)
                      ed2 (207.105.6.18) ==> Internet

I had run natd against ed3, and you're saying I should be running
natd against ed2 instead. That this should work implies the gateway
will detect packets coming from 192.168.254.X and send them out as
having come from 207.105.6.18, and then remap them properly out ed3
to the originator.

The other concern is that traffic to/from the gateway itself not be
disturbed. Evidently to eliminate this concern I should use the
"unregistered_only" option?

I wonder if natd will be able to handle the 'arbitrarily-sized' subnet
on 192.168.254.X properly, from looking at the "redirect_address"
examples in the man page. I guess less is more, I need say nothing
at all about the phony-subnet users, as you say.

Trials will tell. Thanks for the tips.
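
Added example (not part of the original message, and not natd's code): a toy Python model of the translation state the quoted reply describes, with natd run against the external interface ed2 (207.105.6.18) and the unregistered_only behaviour as the natd man page documents it (only RFC 1918 sources are altered). The class and function names, the port numbering starting at 40000 and the 198.51.100.x / 203.0.113.x peers are assumptions made for illustration.

```python
import ipaddress

# RFC 1918 ranges: the "unregistered" addresses unregistered_only refers to.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_unregistered(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in RFC1918)

class ToyNat:
    """Hypothetical model of address translation on the external interface."""

    def __init__(self, alias_addr, unregistered_only=False, first_port=40000):
        self.alias = alias_addr          # address of the external interface
        self.unregistered_only = unregistered_only
        self.next_port = first_port      # simplification: always pick a new port
        self.out_map = {}  # (proto, src, sport, dst, dport) -> alias port
        self.in_map = {}   # (proto, alias port, remote, rport) -> (src, sport)

    def outbound(self, proto, src, sport, dst, dport):
        """Packet leaving via the external interface; returns the rewritten tuple."""
        if self.unregistered_only and not is_unregistered(src):
            return (proto, src, sport, dst, dport)  # gateway's own traffic: untouched
        key = (proto, src, sport, dst, dport)
        if key not in self.out_map:
            aport = self.next_port
            self.next_port += 1
            self.out_map[key] = aport    # remember the change ...
            self.in_map[(proto, aport, dst, dport)] = (src, sport)
        return (proto, self.alias, self.out_map[key], dst, dport)

    def inbound(self, proto, src, sport, dst, dport):
        """Packet arriving on the external interface; un-NAT only if state exists."""
        orig = self.in_map.get((proto, dport, src, sport))
        if dst != self.alias or orig is None:
            return (proto, src, sport, dst, dport)  # no matching state: unchanged
        return (proto, src, sport, orig[0], orig[1])  # ... so the reply can go back

if __name__ == "__main__":
    nat = ToyNat("207.105.6.18", unregistered_only=True)
    # Constructed sample packets: an office host, its reply, and the gateway itself.
    print(nat.outbound("tcp", "192.168.254.7", 1025, "198.51.100.10", 80))
    print(nat.inbound("tcp", "198.51.100.10", 80, "207.105.6.18", 40000))
    print(nat.outbound("tcp", "207.105.6.18", 2000, "198.51.100.10", 25))
```

An inbound packet from a peer with no recorded mapping is returned unchanged in this model, so it is never redirected to a 192.168.254.X host.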
