Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 20 Sep 2000 20:29:00 +1200
From:      kit <kit@hypostasis.com>
To:        Kanji T Bates <bates@jurai.net>
Cc:        freebsd-questions@FreeBSD.ORG
Subject:   Re: internal to internal via natd extenal redirect_port
Message-ID:  <20000920202900.A23232@amethyst.hypostasis.com>
In-Reply-To: <Pine.BSF.4.21.0009200138140.89155-100000@sasami.jurai.net>; from bates@jurai.net on Wed, Sep 20, 2000 at 02:37:42AM -0400
References:  <Pine.BSF.4.21.0009200138140.89155-100000@sasami.jurai.net>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Wed, Sep 20, 2000 at 02:37:42AM -0400, Kanji T Bates wrote:
> I'm having great difficulty trying to get any of my internal machines to
> talk to services handled via a natd redirect_port even though boxes coming
> at me from my external interface have no problems whatsoever.
> 
> Is there anyway for me to get around this so that I could (for example) 
> have box 10.10.10.10 could reach the web server running on 10.10.10.20 via
> the nats external IP of 192.168.0.1 ?
> 
> TIA.
> 
>   --k.
Presumable you are running a gateway /firewall with 10.10.10.254 (say) 
as the internal interface, and 192.168.0.1 as the external.

One solution is the run natd on the internal interface
as well and /or set the firewall rules to redirect traffic destined
for the IP and port when it comes in via your internal interface

My solution was to run 2 nameds one listening on the internal interface 
and the other on the external for real world queries.  This gives me 
overlapping namespaces so that I can refer to the appropriate machine
by name from where ever I want and get to the same place. (I gave up on 
the 2 natds when I reconsidered my problem)

I found I prefered the inelegance of 2 nameds to the inelegance of separate 
namespaces.  I'll have to give BIND 9 a go, for its finer control over who
has access to what.

--kit



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000920202900.A23232>