From owner-freebsd-questions  Thu Nov  9  1: 6:42 2000
Delivered-To: freebsd-questions@freebsd.org
Received: from thessaloniki.telehorizon.com (unknown [195.66.101.99])
	by hub.freebsd.org (Postfix) with ESMTP id 0B9DC37B479
	for <freebsd-questions@FreeBSD.ORG>; Thu,  9 Nov 2000 01:06:37 -0800 (PST)
Received: (from nobody@localhost)
	by thessaloniki.telehorizon.com (8.9.3/8.9.3) id LAA72848
	for freebsd-questions@FreeBSD.ORG; Thu, 9 Nov 2000 11:07:58 +0200 (EET)
	(envelope-from pgd@thessaloniki.telehorizon.com)
X-Authentication-Warning: thessaloniki.telehorizon.com: nobody set sender to pgd@telehorizon.com using -f
To: <freebsd-questions@FreeBSD.ORG>
Subject: setting up NAT..
Message-ID: <973760877.3a0a696dc644a@webmail.telehorizon.com>
Date: Thu, 09 Nov 2000 11:07:57 +0200
From: <pgd@telehorizon.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit
User-Agent: IMP/PHP IMAP webmail program 2.2.0-pre13
X-Originating-IP: 195.66.101.66
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

hi,

i'm trying to set up NAT here and sadly enough it just won't work :^(
Any help/suggestion/advise will be appreciated :^)

Here's a simplification of my network:

     pc3                        pc1
    +----+                     +-----+
    |.89 |     gateway         |     |
    |    +-+   +------+     +--+     |
    +----+ |   | |  | |     |  +-----+
           +---| |  | |-----+   
           |   | |  | |     |  +-----+
internet<--+   +------+     +--+     |
                ^    ^         |     |
             fxp0    xl0       +-----+
                                pc2


### THE SET UP ###

My gateway runs a firewall. Communication with internet happens via pc3.
Here's what i did so far (to begin with, i chose the 10.0.0.x IP-range) :

On my gateway computer i've compiled the kernel with 
  options IPFIREWALL
  options IPDIVERT

Further, i set:
  geteway_enable=YES

I checked /etc/services and natd is there, allright. I set up the following in
rc.conf:
  natd_enable="YES"
  natd_interface="175.23.12.89"
  natd_flags="-f /etc/natd.cf"

This enables in /etc/rc.firewall the following rule which now appears at the
begining of the file:
  ipfw add 500 divert 8668 all from any to any via ${natd_interface}

Then it seems to be time to change the IP's. Here's my distribution:
- gateway xl0 becomes 10.0.0.1
- pc1         becomes 10.0.0.2
- pc2         becomes 10.0.0.3

- netmask on all three becomes 10.255.255.254

### THE PROBLEM ###

Now, when I reboot the boxes I get the following messages on pc1 and pc2:
  route: writing to routing network socket: Network is unreachable
  add net default: gateway 10.0.0.1: Network is unreachable

When I login and try to ping:
On pc1:
  ping 10.0.0.2 (localhost) works fine
  ping 10.0.0.3 (pc2) works fine
  ping 10.0.0.1 (gateway) gives "No route to host"
On pc2:
  ping 10.0.0.3 (localhost) gives "Can't assign requested address"
  ping 10.0.0.2 (pc1) fails
  ping 10.0.0.1 (gateway) gives "No route to host"
Gateway:
  ping 10.0.0.1 (localhost) works fine
  ping 10.0.0.0 (network) works fine

Oups! Trouble :^/
do u think u can help?

thanks,
dimitri


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message