Re: Reverse IP NAT to secondary IP address
From: Nils Vogels (nivo+sender+8eb026_at_yuckfou.org)
Date: 10/26/03
Date: Sun, 26 Oct 2003 14:01:49 +0100
"."@babolo.ru wrote:
>>Since I have the internet on the same interface, but on the primary IP
>>instead, would enabling ARP PROXY not fill the ARP table with every host
>>on the internet, that tries to contact the gateway ?
>>
>>
>Are you using default route?
>If yes, only default router's MAC used for every external IP.
>
>
>
OK, great.
>>>No NAT is needed.
>>>
>>>
>>>
>>I just tried this, but unfortunately, the same thing happens as with
>>ipfilter:
>>
>>The primary address of the interface ed0 on the gateway (the public
>>address) is used to forward the arp request.
>>
>>Taken from a dump on the gateway, when attempting telnet:
>>
>>Incoming on rl0:
>>03:35:05.867883 192.168.0.2.1511 > 192.168.2.2.23: S 1377718084:1377718084(0) win 57344 <mss 1460> (DF) [tos 0x10]
>>
>>Outgoing on ed0:
>>03:35:05.868333 195.0.0.1.15009 > 192.168.2.2.23: S 1377718084:1377718084(0) win 57344 <mss 1460> (DF) [tos 0x10]
>>
>>
>No NAT is needed.
>Just allow 192.168.0.2 <-> 192.168.2.2 flow directly,
>not via NAT
>
>
I just changed my ipnat rule to:
map ed0 from 192.168.0.0/24 ! to 192.168.0.0/16 -> 0/32
map ed0 from 192.168.0.0/24 ! to 192.168.0.0/16 -> 0/32 portmap tcp/udp 15000:19999
And this is now working. Thanks a bunch! ;-)
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
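
Added example, not part of the original message or of ipfilter: a small Python model of the address match in the first posted rule, showing which flows the "from ... ! to ..." clause leaves untranslated. It models only interface, source and negated destination matching (no portmap, no rule ordering), and the external address 203.0.113.10 is a constructed sample.

```python
import ipaddress
import re

# Rule text copied from the message above.
RULE = "map ed0 from 192.168.0.0/24 ! to 192.168.0.0/16 -> 0/32"

# Matches only the "map IF from SRC [!] to DST -> TARGET" form used in the post.
RULE_RE = re.compile(
    r"^map\s+(?P<ifname>\S+)\s+from\s+(?P<src>\S+)\s+"
    r"(?P<neg>!\s*)?to\s+(?P<dst>\S+)\s+->\s+(?P<target>\S+)"
)


def parse_rule(text):
    """Split a map rule into interface, source net, destination net, negation."""
    m = RULE_RE.match(text.strip())
    if m is None:
        raise ValueError("unsupported rule form: %r" % text)
    return {
        "ifname": m["ifname"],
        "src": ipaddress.ip_network(m["src"]),
        "dst": ipaddress.ip_network(m["dst"]),
        "negate_dst": m["neg"] is not None,
    }


def is_translated(rule, out_ifname, src_ip, dst_ip):
    """Return True if a packet leaving out_ifname matches the map rule."""
    if out_ifname != rule["ifname"]:
        return False
    if ipaddress.ip_address(src_ip) not in rule["src"]:
        return False
    dst_in_net = ipaddress.ip_address(dst_ip) in rule["dst"]
    # With "!", the rule matches only destinations outside the listed network.
    return dst_in_net != rule["negate_dst"]


if __name__ == "__main__":
    rule = parse_rule(RULE)
    flows = [
        ("192.168.0.2", "192.168.2.2"),   # telnet flow from the dump in the thread
        ("192.168.0.2", "203.0.113.10"),  # constructed external destination
    ]
    for src, dst in flows:
        verdict = "NAT" if is_translated(rule, "ed0", src, dst) else "no NAT"
        print("%s -> %s on ed0: %s" % (src, dst, verdict))
```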