Re: Reverse IP NAT to secondary IP address

From: Nils Vogels (nivo+sender+8eb026_at_yuckfou.org)
Date: 10/26/03

    Date: Sun, 26 Oct 2003 03:34:58 +0100
    To: freebsd-net@freebsd.org
    
    

    "."@babolo.ru wrote:

    >configure port with SNMP-server as 192.168.0.17/30 for example
    >instead of 192.168.2.1/24, and
    >sysctl net.link.ether.inet.proxyall=1
    >
    >and configure SNMP-server as 192.168.0.18/24
    >
    >If you can change mask of SNMP-server, you can
    >use 192.168.0/24 and 192.168.1/24 on gateway
    >and 192.168.0/25 on SNMP-server.
    >
    >No NAT is needed.
    >
    >
    I just tried this, but unfortunately, the same thing happens as with
    ipfilter:

    The primary address of the interface ed0 on the gateway (the public
    address) is used to forward the ARP request.

    Taken from a dump on the gateway, when attempting telnet:

    Incoming on rl0:
    03:35:05.867883 192.168.0.2.1511 > 192.168.2.2.23: S 1377718084:1377718084(0) win 57344 <mss 1460> (DF) [tos 0x10]

    Outgoing on ed0:
    03:35:05.868333 195.0.0.1.15009 > 192.168.2.2.23: S 1377718084:1377718084(0) win 57344 <mss 1460> (DF) [tos 0x10]

    Since 195.0.0.1 (obviously obfuscated) does not fall within the subnet
    the 192.168.2.2 box is on, there will never be a reply from the
    192.168.2.2 box.

    ARP proxying goes fine; on the WWW box, I can see the proxied reply
    coming from my gateway for the 192.168.1.1 address .....

    Can anyone tell me how I can make the box use the secondary address
    (alias) automatically for forwarding the telnet session?
    Could it be that since the gateway is running many-to-one NAT as well,
    this is conflicting?

    Greetings,

    Nils.
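
The comparison of the two dumps made in the message above, as an added example that is not part of the original post: it pairs SYNs seen on both interfaces by destination, port and initial sequence number, then reports whether the translated source address lies on the destination's subnet. The `192.168.2.0/24` prefix is an assumption taken from the /24 mentioned in the quoted reply, and the function names are illustrative.

```python
import ipaddress
import re

# Old-style tcpdump SYN line: "time src.sport > dst.dport: S seq:seq(0) ..."
SYN_RE = re.compile(
    r"^\S+ (\d+(?:\.\d+){3})\.(\d+) > (\d+(?:\.\d+){3})\.(\d+): S (\d+):"
)

# The two SYNs quoted in the message, one per interface, each joined onto one line.
RL0 = ["03:35:05.867883 192.168.0.2.1511 > 192.168.2.2.23: S 1377718084:1377718084(0) win 57344 <mss 1460> (DF) [tos 0x10]"]
ED0 = ["03:35:05.868333 195.0.0.1.15009 > 192.168.2.2.23: S 1377718084:1377718084(0) win 57344 <mss 1460> (DF) [tos 0x10]"]


def parse_syns(lines):
    """Map (dst, dport, initial seq) -> (src, sport) for every SYN line."""
    syns = {}
    for line in lines:
        m = SYN_RE.match(line.strip())
        if m:
            src, sport, dst, dport, seq = m.groups()
            syns[(dst, int(dport), int(seq))] = (src, int(sport))
    return syns


def check_translation(inside, outside, dst_net):
    """Pair SYNs seen on both interfaces and describe the source rewrite."""
    net = ipaddress.ip_network(dst_net)  # assumed subnet of the destination host
    before, after = parse_syns(inside), parse_syns(outside)
    findings = []
    # The NAT in the dumps keeps destination and sequence number, so they
    # identify the same connection on either side of the gateway.
    for key in sorted(before.keys() & after.keys()):
        src_in, src_out = before[key], after[key]
        findings.append({
            "dst": key[0],
            "original_src": src_in,
            "translated_src": src_out,
            "rewritten": src_in != src_out,
            # False means the destination cannot answer without a route back.
            "src_on_link": ipaddress.ip_address(src_out[0]) in net,
        })
    return findings


if __name__ == "__main__":
    for finding in check_translation(RL0, ED0, "192.168.2.0/24"):
        print(finding)
```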
