Date:      Wed, 14 Jan 2004 22:20:22 +0100
From:      Nils Vogels <nivo+sender+8eb026@yuckfou.org>
To:        freebsd-net@freebsd.org
Subject:   Re: Routing Networks
Message-ID:  <4005B296.8040201@yuckfou.org>
In-Reply-To: <56020.148.243.211.1.1074064019.squirrel@mail.unixmexico.com>
References:  <56020.148.243.211.1.1074064019.squirrel@mail.unixmexico.com>

Nicolás de Bari Embríz G. R. wrote:

>Hi all, I need some help routing or making Nat on a LAN.
>
>I have something like this:
>
>
>                  I N T E R N E T
>                 -----------------
>                ^                 ^
>                |                 |
>fxp0      public IP           public IP
>                |                 |
>         FreeBSD server      LINUX server
>                |                 |
>dc0   192.168.10.1                |
>dc1   192.168.1.1 ^           192.168.1.3
>                ^ |           ^
>                | |           |
>                | |           |
>               ----------------
>              |   Switch/Hub   |
>               ----------------
>                   |       |
>    ------------------     -----------------
>   |      LAN  A      |   |     LAN  B      |
>   | 192.168.10.2-254 |   | 192.168.1.4-100 |
>    ------------------     -----------------
>
>I have a FreeBSD server running as a gateway and DHCP; the server shares
>the Internet to all the computers on LAN A (192.168.10.0/24).
>
>The server has 3 network cards:
>
>fxp0 is public IP.
>dc0  is the gateway for the LAN A "192.168.10.1".
>dc1  has IP 192.168.1.1 ( need help with this ).
>
>
>Right now I am just using fxp0 and dc0 so any computer on the LAN A
>"192.168.10.2-254" can have Internet, my ipnat.rules file looks like this:
>
>--
>map fxp0 192.168.10.1/24 -> 0/32 portmap tcp/udp auto
>map fxp0 192.168.10.1/24 -> 0/32
>--
>
>Until that point everything just works OK.
>
>There is another network, I will call it LAN B; this LAN does the same
>thing that I am doing with the FreeBSD server, but instead it uses Linux.
>The machine has 2 network cards.
>
>eth0 has a public IP.
>eth1 is the gateway for the LAN B "192.168.1.3"
>
>
>Both networks are connected to the same switch/hub, but now I need
>the computers of LAN A to be able to see ("ping") computers on LAN B.
>  
>
You need to tell the Linux server that it can reach the clients on LAN 
A via the 192.168.1.1 IP address. This can be done by putting a route in 
the routing table of the Linux box, along the lines of this command:

route add -net 192.168.10.0/24 gw 192.168.1.1

Of course, the syntax might be slightly off.

If you *REALLY REALLY* cannot make this change on the Linux box (really, 
it's only minor, nothing to worry about for its sysadmin) you could try 
to NAT the traffic when going from LAN A to the server. This, however, 
will only make connections /FROM/ LAN A /TO/ the Linux box possible. 
Connections /TO/ LAN A /FROM/ the Linux box will not be possible.

This should work with an ipnat rule that goes something along the lines of:

map dc1 192.168.10.0/24 -> 192.168.1.1/32 portmap tcp/udp auto
map dc1 192.168.10.0/24 -> 192.168.1.1/32

HTH & HAND

-- 
Simple guidelines to happiness:
Work like you don't need the money,
love like your heart has never been broken and 
dance like no one can see you.
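
Added example, not part of the original message: a small Python model of the Linux box's routing decision, showing where its replies to a LAN A client go with no change, with the static route, and with the dc1 NAT rule instead. The /24 mask on LAN B, the 203.0.113.1 public gateway and the 192.168.10.5 client are assumptions made for the illustration.

```python
import ipaddress

# Constructed model of the Linux box's routing table. Assumptions: LAN B is a
# /24, and 203.0.113.1 is a placeholder for the Linux box's public gateway.
PUBLIC_GW = "203.0.113.1"
LAN_A = ipaddress.ip_network("192.168.10.0/24")

def route(prefix, iface, gateway=None):
    return (ipaddress.ip_network(prefix), iface, gateway)

LINUX_TABLE = [
    route("0.0.0.0/0", "eth0", PUBLIC_GW),   # default route to the Internet
    route("192.168.1.0/24", "eth1"),          # LAN B, directly connected
]
# Table after adding the static route toward LAN A via the FreeBSD dc1 address.
LINUX_TABLE_WITH_ROUTE = LINUX_TABLE + [
    route("192.168.10.0/24", "eth1", "192.168.1.1"),
]

def next_hop(table, dst):
    """Longest-prefix match: return (interface, gateway) used to reach dst."""
    addr = ipaddress.ip_address(dst)
    _, iface, gateway = max(
        (r for r in table if addr in r[0]), key=lambda r: r[0].prefixlen
    )
    return iface, gateway

def source_seen_by_linux(client, nat_on_dc1):
    """Source address of a LAN A packet as it arrives on LAN B."""
    if nat_on_dc1 and ipaddress.ip_address(client) in LAN_A:
        return "192.168.1.1"   # rewritten by the 'map dc1' rule
    return client

def reply_path(table, client, nat_on_dc1=False):
    """Where the Linux box sends its reply to a LAN A client."""
    return next_hop(table, source_seen_by_linux(client, nat_on_dc1))

if __name__ == "__main__":
    client = "192.168.10.5"  # constructed LAN A host
    print("no route, no NAT :", reply_path(LINUX_TABLE, client))
    print("static route     :", reply_path(LINUX_TABLE_WITH_ROUTE, client))
    print("NAT on dc1       :", reply_path(LINUX_TABLE, client, nat_on_dc1=True))
    print("Linux -> LAN A   :", next_hop(LINUX_TABLE, client))
```

The last line models a connection started from the Linux side with only the NAT rule in place: it still follows the default route out of eth0, which is why that variant works in one direction only.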


