From owner-freebsd-questions@freebsd.org Tue Aug 18 06:32:11 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 226C93B0894 for ; Tue, 18 Aug 2020 06:32:11 +0000 (UTC) (envelope-from vas@sibptus.ru) Received: from admin.sibptus.ru (admin.sibptus.ru [IPv6:2001:19f0:5001:21dc::10]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4BW1Kk4RsPz4nck for ; Tue, 18 Aug 2020 06:32:10 +0000 (UTC) (envelope-from vas@sibptus.ru) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sibptus.ru; s=20181118; h=In-Reply-To:Message-ID:Subject:To:From:Date; bh=qCNYzjXJ5jmFO+WDZ4J6c1CN4U19WL3Txv4uIe2BUJM=; b=YzVeovJmCboJ1xXLmdCa9m7ZQJ oRg9L1a8e+xWB4aY/ceV4cYyRk3oCbV9U8snLIj3NtX4XlDzmDFoSPPUeVDCe52thYCqCsXh7X7GA h6p3wYGTVctJoSV/yAJ3Pw6Sxuvuvqg232Dk7nk8NKoZm/FXpfxVYMtrdt77sueBqeRY=; Received: from vas by admin.sibptus.ru with local (Exim 4.94 (FreeBSD)) (envelope-from ) id 1k7vAH-000KLR-6v for freebsd-questions@freebsd.org; Tue, 18 Aug 2020 13:32:09 +0700 Date: Tue, 18 Aug 2020 13:32:09 +0700 From: Victor Sudakov To: freebsd-questions@freebsd.org Subject: Re: can a domain name config point to a vlan tag at the host Message-ID: <20200818063209.GD77756@admin.sibptus.ru> References: <5F37E329.3000903@gmail.com> <9a027a2c-3575-25ac-6ccc-0f186a3d6820@qeng-ho.org> <5F37F4BD.5030301@gmail.com> <66b05a60-69f0-5634-1f1a-3f1f7d5a53d9@qeng-ho.org> <8986e63b-6c0a-58bb-f51e-ec9ad03e12cc@radel.com> <09402B7E-49F0-4320-9C7E-82068EBF8651@kreme.com> <20200816023803.GA23449@admin.sibptus.ru> <6407FCC7-BB53-4009-8F94-37CBCF8B3EAF@kreme.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="VMt1DrMGOVs3KQwf" Content-Disposition: inline In-Reply-To: <6407FCC7-BB53-4009-8F94-37CBCF8B3EAF@kreme.com> X-PGP-Key: http://admin.sibptus.ru/~vas/ X-PGP-Fingerprint: 10E3 1171 1273 E007 C2E9 3532 0DA4 F259 9B5E C634 ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1597732330; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references:dkim-signature; bh=qCNYzjXJ5jmFO+WDZ4J6c1CN4U19WL3Txv4uIe2BUJM=; b=W4nKGvKptvMECTLhQC1LpZJhhSWCHLfN/qwom8ot6+3VUWwAawpEiKDEOD63hdWO25Bq6a 5/4EecK5CB2vYv5iKU1qJbILJ4S0DBuGWuDKAmYr0MUdvDK4G4Lx42LrEYdZu/hPyFpFU1 4yZmNXrgKuUvA/DnJuFVZZJ9ckxkcgEaqQLKtgFP8/4dFJZV1VR4zTuNLbZHKr4pPVEj8b D4YFqbDwh51I7TQtqj0qNYtmASFdN1h+vdVh+YQ8ELgSC6shrY18Xq+uIVb6rTPy3qHPcs UzwR1z0UFEBqqvuf+Fr68a8i+/NUKsHvNa3rOcbEcikf45gNVt3v04FthkvfcA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1597732330; a=rsa-sha256; cv=none; b=r7tkJEF7N30hxlinGsSyd6pP4dWq4ElT3z/WZLHbiVbKsaDZh2ChGrk5ctgoXMxGVxB34U GvTmp9iqm7cbwtdSkMmFNLb+YQ9j/HH3VIaoHllyk23nOzS3g/GjtIbExBySx8iIbQ2/1F nQv3A2ARNgOZDu7lHQbOK3cDEfMf5fObWUiztWe72YYBW37LOGp0npWB2XWRS5S4fCbWxx CnDD7kZKt5xTcjw0HrVZ5CVTmlaIF5VuRmaFHqBtn7N6kMWCQkwdhgx2HQc8edxYsy0j4N VDMflNvbxFoeFyCWaOpDZ8x+IC7KnmRO7qWh15mhg5L/O+Xv7EY4eyM+8REzDw== ARC-Authentication-Results: i=1; mx1.freebsd.org; dkim=pass header.d=sibptus.ru header.s=20181118 header.b=YzVeovJm; dmarc=pass (policy=none) header.from=sibptus.ru; spf=pass (mx1.freebsd.org: domain of vas@sibptus.ru designates 2001:19f0:5001:21dc::10 as permitted sender) smtp.mailfrom=vas@sibptus.ru X-Rspamd-Queue-Id: 4BW1Kk4RsPz4nck X-Spamd-Bar: ----- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=sibptus.ru header.s=20181118 header.b=YzVeovJm; dmarc=pass (policy=none) header.from=sibptus.ru; spf=pass (mx1.freebsd.org: domain of vas@sibptus.ru designates 2001:19f0:5001:21dc::10 as permitted sender) smtp.mailfrom=vas@sibptus.ru X-Spamd-Result: default: False [-5.90 / 15.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.01)[-1.007]; R_DKIM_ALLOW(-0.20)[sibptus.ru:s=20181118]; FROM_HAS_DN(0.00)[]; R_SPF_ALLOW(-0.20)[+mx:c]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.20)[multipart/signed,text/plain]; TO_DN_NONE(0.00)[]; ARC_SIGNED(0.00)[i=1]; RCPT_COUNT_ONE(0.00)[1]; NEURAL_HAM_LONG(-1.02)[-1.023]; DKIM_TRACE(0.00)[sibptus.ru:+]; DMARC_POLICY_ALLOW(-0.50)[sibptus.ru,none]; NEURAL_HAM_SHORT(-0.77)[-0.773]; SIGNED_PGP(-2.00)[]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; RCVD_TLS_LAST(0.00)[]; ASN(0.00)[asn:20473, ipnet:2001:19f0:5000::/38, country:US]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Aug 2020 06:32:11 -0000 --VMt1DrMGOVs3KQwf Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable @lbutlr wrote: > On 15 Aug 2020, at 20:38, Victor Sudakov wrote: > > @lbutlr wrote: > >>=20 > >> This is what I have been doing for years to get ssh access (an other p= orts) into my LAN, though I go with the easier to remember method of > >>=20 > >> 2202 =3D> lan.2:22 > >> 2212 =3D> lan.12:22 > >> 22107 =3D> lan.107:22 > >>=20 > >> (So 192.168.0.2 or 10.0.32.12 or however you have your LAN setup) > >=20 > > I used this for years but then I learnt about the concept of bastion > > host (the ProxyJump option in ssh_config) and forgot about all this > > hassle with port forwarding. >=20 > Does that apply to a home NAT? I thought that setup still required a non-= NAT/public facing machine to act as the host. The bastion host's port 22 should be reachable from the public Internet, and all other internal ssh servers should be reachable from the bastion hos= t itself. --=20 Victor Sudakov, VAS4-RIPE, VAS47-RIPN 2:5005/49@fidonet http://vas.tomsk.ru/ --VMt1DrMGOVs3KQwf Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQEcBAEBAgAGBQJfO3XpAAoJEA2k8lmbXsY0LWwH/jN4GRm75HFzlSWH1YSaGpbT 2jzBy0SCevsYtKBKGvsL5ft1lE+bT4sb+o3mqQcQvpiAf0LAn1CLlNwnzNjdhRmT gs1quTEwOUY+xUfoDTKrYif0g7ZGAhcdVhe9JFKK2Her+aBWTcQtxSwxNo3W0UZb pW2mLuVQskNBNO9k4D5+7XfPVN/N4oUVZJAdGxS9d89eN7IKmXO9HTkML4aZHt72 2aqXUFyaRj1QTCQmwbQBPbOqWo5+V5KfZU9IuCgHNbA5+JLqKUTxs0YgibleCI3M /hOCWgwAm4qyuU0jaKup3/rMLEh+fLXaQjNiQz+MUgrabfuiVk4lCZamK51/BS4= =QixP -----END PGP SIGNATURE----- --VMt1DrMGOVs3KQwf--