Date:      Sun, 14 Nov 2004 16:23:08 -0800
From:      "Jacob S. Barrett" <jbarrett@amduat.net>
To:        freebsd-net@freebsd.org
Subject:   Re: Universal Client Gateway
Message-ID:  <200411141623.10060.jbarrett@amduat.net>
In-Reply-To: <4197D8C5.5050601@elischer.org>
References:  <200411141311.49502.jbarrett@amduat.net> <4197D8C5.5050601@elischer.org>

On Sunday 14 November 2004 02:14 pm, Julian Elischer <julian@elischer.org> wrote:
> sounds like you just want to run natd.

I do for all the traffic exiting the WAN interface.  I am doing that and I can 
pass traffic from the host through the universal proxy to the destination.  
The traffic coming back from the destination enters WAN interface and natd 
and is translated back to the host interface but gets routed back out the WAN 
(default route) since the host is not local.  I need to be able to spoof the 
routing table into forwarding the packet back out the LAN interface.

Maybe the example below will help.

Host A:
(static roaming client)
      IP: 192.168.0.3/24
 Gateway: 192.168.0.1
     DNS: 192.168.0.1,192.168.0.2

Host B:
(dhcp client)
      IP: 10.0.0.3/24
 Gateway: 10.0.0.1/24
     DNS: 10.0.0.1, 10.0.0.2

Gateway:
 Gateway: 1.2.3.4
     DNS: 1.2.3.4, 1.2.3.5
 LAN:
  IP: 10.0.0.1/24 arpd
 WAN
  IP: 1.2.3.6/24 natd

Remote C:
  IP 4.5.6.7  

So above we see that Host B will communicate normally.  All traffic for host B 
will travel in Gateway LAN and out natd on the WAN.  All returning traffic 
for Host B will come in the WAN natd and out LAN on Gateway.  All normal 
stuff.

Now if we look at host A.  To send to Remote C it must forward through the 
gateway at 192.168.0.1, which obviously doesn't exist.  A ARPs for 
192.168.0.1.  Gateway replies to the ARP with its MAC address (proxy arp with 
arpd).  A forwards the packet to Gateway thinking it is 192.168.0.1.  As 
expected the packet enters LAN (192.168.0.3->4.5.6.7) passes through natd 
(1.2.3.6->4.5.6.7) and exits WAN.  The response from C comes back in WAN 
(4.5.6.7->1.2.3.6) through natd (4.5.6.7->192.168.0.3) like normal.  Now we 
have a problem.  Gateway needs to forward the packet to 192.168.0.3 (Host A).  
It doesn't have an interface that is on the subnet so it forwards to the 
default gateway again.  It goes back out through natd and WAN.

What I need to do is figure out how to trick the routing table into thinking 
it can just forward the packet to the LAN interface for local delivery.

-- 
Jacob S. Barrett
jbarrett@amduat.net
www.amduat.net

"I don't suffer from insanity, I enjoy every minute of it."
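The forwarding problem described in the message above, modelled as an added Python example (this is not code from the thread, from natd, or from FreeBSD). It reproduces the gateway's routing table as the mail implies it (connected 10.0.0.0/24 and 1.2.3.0/24 plus a default route via 1.2.3.4), runs a request and its reply through a minimal natd-style translation, and then asks the routing table where the un-translated reply to 192.168.0.3 would go. The interface names `lan0`/`wan0`, the port numbers, and the /32 host route tried at the end are assumptions, not something the mail states.

```python
"""Model of longest-prefix-match forwarding plus source NAT on the gateway.

Addresses come from the mail; interface names, ports and the host route
are constructed assumptions for the example.
"""
import ipaddress
from dataclasses import dataclass, field
from typing import Optional

IPv4 = ipaddress.IPv4Address


@dataclass(frozen=True)
class Route:
    prefix: ipaddress.IPv4Network
    iface: str                  # interface the packet leaves on
    via: Optional[IPv4] = None  # next hop; None for a directly connected route


def lookup(routes, dst):
    """Longest-prefix match: the most specific route containing dst wins."""
    dst = IPv4(dst)
    matches = [r for r in routes if dst in r.prefix]
    return max(matches, key=lambda r: r.prefix.prefixlen, default=None)


def gateway_routes():
    """The gateway's table as implied by the mail (interface names assumed)."""
    return [
        Route(ipaddress.IPv4Network("10.0.0.0/24"), "lan0"),
        Route(ipaddress.IPv4Network("1.2.3.0/24"), "wan0"),
        Route(ipaddress.IPv4Network("0.0.0.0/0"), "wan0", IPv4("1.2.3.4")),
    ]


def host_route(ip, iface):
    """A /32 interface route for one off-subnet host (assumed remedy, see note)."""
    return Route(ipaddress.IPv4Network(f"{ip}/32"), iface)


@dataclass
class Natd:
    """Minimal stand-in for natd: rewrite the private source on the way out,
    restore it on the way back using a per-connection table."""
    public_ip: IPv4
    next_port: int = 40000
    table: dict = field(default_factory=dict)  # (remote, rport, public_port) -> (private_ip, private_port)

    def outbound(self, src, sport, dst, dport):
        """Packet leaving on WAN: source becomes public_ip:public_port."""
        port = self.next_port
        self.next_port += 1
        self.table[(dst, dport, port)] = (src, sport)
        return self.public_ip, port

    def inbound(self, src, sport, dst, dport):
        """Reply arriving on WAN: map public_ip:public_port back to the client."""
        if dst != self.public_ip:
            raise KeyError("reply is not addressed to the NAT public address")
        return self.table[(src, sport, dport)]


def reply_egress(routes, client_ip, remote="4.5.6.7"):
    """Send one packet from client_ip to remote through natd, translate the
    reply back, and return the interface the gateway would forward it on."""
    nat = Natd(IPv4("1.2.3.6"))
    client = IPv4(client_ip)
    # client -> remote: enters on the LAN side, leaves WAN with the source rewritten
    pub_ip, pub_port = nat.outbound(client, 1234, IPv4(remote), 80)
    # remote -> gateway: natd restores the original private destination
    dst, _ = nat.inbound(IPv4(remote), 80, pub_ip, pub_port)
    if dst != client:
        raise RuntimeError("NAT did not restore the client address")
    # the routing decision the mail is about: where does the reply go now?
    return lookup(routes, dst).iface


if __name__ == "__main__":
    base = gateway_routes()
    print("Host B (10.0.0.3) reply leaves on:", reply_egress(base, "10.0.0.3"))
    print("Host A (192.168.0.3) reply leaves on:", reply_egress(base, "192.168.0.3"))
    patched = base + [host_route("192.168.0.3", "lan0")]
    print("Host A with /32 route leaves on:", reply_egress(patched, "192.168.0.3"))
```

For Host B the reply matches the connected 10.0.0.0/24 route and leaves on `lan0`; for Host A nothing but the default route matches, so the reply goes back out `wan0`, which is exactly the loop the mail describes. The last case shows the principle behind any fix: a more specific route for 192.168.0.3 pointing at the LAN interface wins the longest-prefix match. Whether a `/32` interface route (FreeBSD's `route add -host ... -iface` form) is the right way to install that on the real gateway is an assumption of this example, not something the thread confirms.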



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200411141623.10060.jbarrett>