From owner-freebsd-isp Fri Aug 30 20:31: 5 2002 Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 02DA737B400 for ; Fri, 30 Aug 2002 20:31:03 -0700 (PDT) Received: from skywalker.rogness.net (skywalker.rogness.net [64.251.173.102]) by mx1.FreeBSD.org (Postfix) with ESMTP id 088EC43E72 for ; Fri, 30 Aug 2002 20:31:02 -0700 (PDT) (envelope-from nick@rogness.net) Received: from localhost (nick@localhost) by skywalker.rogness.net (8.11.3/8.11.3) with ESMTP id g7V3PxG45422; Fri, 30 Aug 2002 21:26:00 -0600 (MDT) (envelope-from nick@rogness.net) Date: Fri, 30 Aug 2002 21:25:57 -0600 (MDT) From: Nick Rogness To: Blake Swensen Cc: FreeBSD ISP List Subject: Re: IPFW Help In-Reply-To: <3D6DECEA.1060608@pyramus.com> Message-ID: <20020830212357.E45364-100000@skywalker.rogness.net> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Thu, 29 Aug 2002, Blake Swensen wrote: > I cannot get local traffic to contact sites. > > Consider that www.1235.com is a virtual domain and is natd-ed to a > server inside the firewall. There is no occurance of 12345.com on our > internal dns for private ip resolution, so when local machines try to > access the natd-ed address, their connection is refused. This is the way natd works. There are several way to fix this. The most common practice is to add an entry in your internal DNS. Another way, which is a horrible way, is to run natd on the internal interface as well. I don't recommend this... Nick Rogness - WARNING TO ALL PERSONNEL: Firings will continue until morale improves. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message