Date: Wed, 5 May 1999 14:22:17 -0500 (EST)
From: Alfred Perlstein
To: questions@freebsd.org
Subject: stumped with natd, bridging revisited. help?

natd is giving me a bit of grief, can someone take a look here?

                                    216.55.74.58
                              de0 - no ip             xl0 - 192.168.2.1
                              :                       :
gateway        ___________    :_______________________:    ______
216.55.74.57 -| DSL modem |---| FreeBSD Bridge + ipfw |-X-|switch|
              `-----------'   `-----------------------'   `------'
                                                           /    /
            192.168.2.0/8 subnet, gw = 192.168.2.1        /    /
          [-----X------------X----------------X----------/    /
            (solaris)    (freebsd)        (netbsd )          /
            (jonas  )    (bright )        (brazzen)         /
               .7           .20              .6            /
                                                          /
                                                         /
            216.55.74.56/3 subnet, gw = 216.55.74.57    /
          [-----X------------X-------------------------/
            (freebsd)   (win95/NT)
            (thumper)    (heather)
              .60          .61

(consider all 'X' as a port on the switch)

All machines have static routes set for local routing of addresses (route add 192.168.2.0/8 -iface fxp0) and vice versa for the other machines... but... urm, HELP!

Just kidding, I do need a bit of help here. I've been sort of content with just the machines with "real" addresses having outside access, however now I would like to NATd the 192.168.2.x subnet.

I would like to run the NAT on the "bridge/ipfw" box for obvious reasons, however it seems that no matter what I do, packets never even get to natd's divert socket.
My firewall rules are empty at the moment (with default to allow).

Running natd:

    natd -v -n de0 -unregistered_only -use_sockets -same_ports -reverse

followed by:

    ipfw add 350 divert natd ip from any to any via de0

natd (note it's running in "verbose" mode) never ever prints anything to my screen and nothing can get out via de0, effectively killing my network connection.

I find it quite irritating that natd doesn't seem to want to show me anything. I've tried configuration after configuration and natd just doesn't seem to want to show me packets that are sent into it.

Anyone have any suggestions?

Simply, all I want to do is: bridge all 216.55.74.56/3 packets without molesting them with natd, and perform NAT on all 192.168.2.x addresses.

thanks,
-Alfred