Date:      Sat, 25 Nov 2000 01:51:08 -0800 (PST)
From:      mike@hyperreal.org
To:        freebsd-questions@freebsd.org
Subject:   natd basic setup help
Message-ID:  <20001125095108.17976.qmail@hyperreal.org>

NAT. I've been RTFM'ing all night and am just not getting it. My ISP has
assigned me a static IP address. I want to use that address for my FreeBSD
machine, and have my 2 other machines masquerading as the same IP. The
configuration is pretty simple:

 [private_box_1]-----.
                     |
 [private_box_2]-----|___[switch]___[DSL_modem]___[ISPs_router]
                     |
 [public_BSD_box]----'

The switch is unmanaged and the DSL modem is in bridging mode, so it's
essentially just a wire between my network and my ISP's router, which I
use as my gateway (216.241.42.1). No PPP or dynamic IPs are involved.

I want to give the private boxes IP addresses 10.0.0.*, and have them use
the BSD box as their gateway. The BSD box needs to keep its public IP
address (216.241.42.159). Sounds pretty typical, right?

1. I have a fresh install of FreeBSD 4.2-RELEASE.
2. I compiled my kernel with
      options IPFIREWALL
      options IPDIVERT
3. I have in my /etc/rc.conf
      ifconfig_rl0="inet 216.241.42.159  netmask 255.255.255.0"
      defaultrouter="216.241.42.1"
      gateway_enable="YES"
      natd_enable="YES"
      natd_interface="216.241.42.159"
      firewall_type="open"

According to a post I found in the freebsd-questions archive, despite the
natd man page's mention of the -f option, for some reason I don't really
want to have natd_flags="-f /etc/natd.conf" pointing to a file containing
things like
      redirect_address 10.0.0.1 216.241.42.159
      redirect_address 10.0.0.2 216.241.42.159
because now all one has to do is edit some magic /etc/rc.firewall script.

Am I just being especially dense tonight or is there nothing in
/etc/rc.firewall that says anything about mapping IP addresses or passing
arguments to natd? All I see in there is stuff that looks like it
shouldn't be changed.. just making sure packets *go* to natd.. nothing
about actually *configuring* natd.

So with this setup, regardless of whether I put in the natd_flags and a
natd.conf, inbound and outbound packets are all being denied or dropped at
the BSD box. I can't ping it from the outside, I can't ping it from the
inside, I can't ping the router from there, nothing..


What am I missing, here? The Complete FreeBSD (3rd ed.), the Handbook, the
man pages and the 'tutorials' I have seen are all very sketchy about
setting up what seems like a pretty common thing.

One other caveat, but shouldn't be affecting what I'm seeing now, is that
my /etc/resolv.conf is pointing to DNS servers on 192.168.*.*, indicating
that my ISP is doing some aliasing of their own (and the reason why I want
10.0.0.* for my private network).

Many thanks in advance,

   - Mike