Date: Wed, 9 Jan 2002 01:36:49 -0800 (PST) From: Saurabh Gupta <saurabh_gupta77@yhoo.com> To: freebsd-gnats-submit@FreeBSD.org Subject: misc/33724: a very minor documentation error Message-ID: <200201090936.g099anF24363@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 33724
>Category: misc
>Synopsis: a very minor documentation error
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: doc-bug
>Submitter-Id: current-users
>Arrival-Date: Wed Jan 09 01:40:02 PST 2002
>Closed-Date:
>Last-Modified:
>Originator: Saurabh Gupta
>Release: 4.4 stable
>Organization:
Mx
>Environment:
FreeBSD kashmir.etowns.net 4.4-RELEASE FreeBSD 4.4-RELEASE #3: Sun Jan 6 06:33:49 PST 2002 root@kashmir.etowns.net:/usr/obj/usr/src/sys/MYKERNEL i386
>Description:
In the FreeBSD Handbook,
Please refer to chapter 17 "Advanced Netowrking"
Section 11.2, "Network Address Translation - Setup " Paragraph no. 3
(i.e, handbook -> 17.11.2, paragraph 3)
It states (and I quote) This gateway machine must have two NICs--one for
connecting to the Internet router, the other connecting to a LAN". (end quote)
This is inaccurate, the least you need for NAT is just one NIC.
and a dumb hub connected to it and the incoming gateway/router also
connected to this same hub. the NIC in the FreeBSD box should have 2
aliases. One being the original ip address and other a server for
local lan in one of the allowed ranges. eg. (192.168.0.1 ......)
The configuration is also mostly same except one ought not use
in /etc/rc.conf
natd_interface="fxp0"
instead natd_flags be used.
natd_flags=" -alias_address <the original ip assigned to you by the isp> <also any other flogs you might like>"
mine looks like
natd_flags=" -use_sockets -same_ports -unregistered_only -alias_address 1.2.3.4"
*************
but this also breaks the /etc/rc.network script so I tweaked it a lil bit
*************
the diff looks as follows :
myprompt# diff rc.network1 rc.network2
296c296
< echo -n ' natd'; ${natd_program:-/sbin/natd} ${natd_flags}
---
> echo -n ' natd'; ${natd_program:-/sbin/natd} ${natd_flags} ${natd_ifarg}
>
basically remove the last argument for the natd daemon.
oh yeah I also had to change a line in my /etc/rc.firewall :
# ${fwcmd} add 50 divert natd all from any to any via ${natd_interface}
${fwcmd} add 50 divert natd all from any to any via 1.2.3.4
#
here 1.2.3.4 is my actual ip but in hindsight i dont think this change is necessary, dont remember why i did it. Try it without but keep it to fallback.
also as mentioned above alias is required following is a sample
ifconfig_rl0_alias0="inet 192.168.0.1 netmask 255.255.255.0"
rl0 should be replace with your interface name of the NIC
"use ifconfig to find that out also see the man"
Be sure to follow all the other information the the handbook(section 17.11.2)
It can be argued that this could be a cause for slow net activity
because in reality all packets that are going out are written twice on the hub
once when the FreeBSD gateway reads it and then when it spews it back out for
the router but hey i figured that I was using dsl with a maximum speed of
1.5mbps whereas the local lan has a cutoff over 10/100 mbps on ethernet so .....
So far I have about 5 computers running this way and yet to see a degradation
in quality or speed.
Necessity :
It could be used for setting up a little local network without investing
in another nic (sounds really cheap 10 bucks and i would have gotten a new nic
, well i added 20 more bucks and spend that on getting FreeBSD rather than
downloading, worthwhile choice I must endorse) or whatever new interface future
brings to us
NETWORK DIAGRAM
+-------------------+ +--------+
|FreeBSD natd-gate | | HUB |
|outside IP on NIC1 | | |
|alias 192.168.0.1 |NIC1-------------------+= |
|to NIC1 with net- | | |
|-mask 255.255.255.0| | |
+-------------------+ | |
+----------------+= |
+-------------------+ | | |
| 192.168.0.5 | | | |
| gateway |------+ | |
| 192.168.0.1 | | |
+-------------------+ +------------+= |
| | |
+-------------------+ | | |
| 192.168.0.6 | | | |
| gateway |----------+ | |
| 192.168.0.1 | | |
+-------------------+ +--------+= |
| | |
+-------------------+ | | |
| 192.168.0.4 |--------------+ | |
| gateway | +----+= |
| 192.168.0.1 | | | |
+-------------------+ | +--------+
|
+-------------------+ |
| HAS TO BE +------------------+
| NOTHING REALLY |
| in my case it is |
| an unconfigurable |
| gateway DSL +===================================>INTERNET<
+-------------------+
Thats about all I had to do. If anyone has a question feel free to email me.
saurabh_gupta77@yahoo.com
>How-To-Repeat:
see the discription
>Fix:
see the discription
>Release-Note:
>Audit-Trail:
>Unformatted:
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200201090936.g099anF24363>