From: "."@babolo.ru
To: Nils Vogels
cc: freebsd-net@freebsd.org
Date: Sun, 26 Oct 2003 03:32:28 +0300 (MSK)
Subject: Re: Reverse IP NAT to secondary IP address
In-Reply-To: <3F9AC937.4070200@yuckfou.org>
Message-Id: <1067128348.400238.16844.nullmailer@cicuta.babolo.ru>

> Hi there!
>
> I'm trying to solve a situation that I have with a device which needs
> SNMP polling, but is not normally reachable to the outside world,
> because it cannot install a default gateway.
>
> In short, a situation sketch:
>
>                                                     SNMP-server (192.168.2.2/24)
>                                                            -----------
> +------------+                    +-------------+               |
> |    WWW     |--------------------|   Gateway   | --------------+
> +------------+                    +-------------+               |
> 192.168.0.2/24                    192.168.0.1  IP: 195.x.x.x.x  \-----> Internet (0.0.0.0/0)
>                                   (rl0)        Alias: 192.168.2.1
>                                                (ed0)
>
> Now what I am trying to do is get statistics from the SNMP-server into
> the WWW box, but I am stuck on the following:
>
> WWW is a FreeBSD-4.8 box.
> Gateway is a FreeBSD-4.8 box with IP Filter
> Since the SNMP-server does not have a default route, the traffic needs
> to originate from an IP address within the same subnet as the Gateway.
> To that end, I have added an alias IP of 192.168.2.1 to the gateway.
> When I run an snmpwalk from the gateway all goes fine.
>
> Since the traffic is coming from WWW and heading through the Gateway,
> which does not bridge, I have to perform some form of NATting in the
> gateway.
>
> I've been searching and attempting various redirects and map entries,
> and am now stuck at:
>
> map rl0 from 192.168.0.0/24 to 192.168.2.0/24 port = 161 -> 192.168.2.1/32
>
> I think I'm close .. can someone give me the final hint ? ;-)

Configure port with SNMP-server as 192.168.0.17/30 for example
instead of 192.168.2.1/24, and
sysctl net.link.ether.inet.proxyall=1
and configure SNMP-server as 192.168.0.18/24

If you can change mask of SNMP-server,
you can use 192.168.0/24 and 192.168.1/24 on gateway
and 192.168.0/25 on SNMP-server.

No NAT is needed.
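
Added example, not part of the original message: a small Python model of the first addressing scheme in the reply, showing why the SNMP-server needs no default route and which ARP requests the gateway answers once proxyall is on. The port labels `lan` and `snmp`, the /24 on the gateway's 192.168.0.1, and the simplified proxy-ARP rule (answer when the target routes out a different port than the request arrived on) are assumptions.

```python
import ipaddress as ip

# Constructed model of the addressing in the reply; port names are hypothetical.
GATEWAY = {
    "lan": ip.ip_interface("192.168.0.1/24"),    # WWW side (assumed /24)
    "snmp": ip.ip_interface("192.168.0.17/30"),  # port facing the SNMP-server
}
HOSTS = {  # host -> (address/mask, gateway port its segment attaches to)
    "WWW": (ip.ip_interface("192.168.0.2/24"), "lan"),
    "SNMP-server": (ip.ip_interface("192.168.0.18/24"), "snmp"),
}

def on_link(src_iface, dst_ip):
    """True if the sender ARPs for dst_ip directly, so it needs no default route."""
    return ip.ip_address(dst_ip) in src_iface.network

def gateway_route(dst_ip):
    """Longest-prefix match over the gateway's connected networks."""
    dst = ip.ip_address(dst_ip)
    hits = [(i.network.prefixlen, port) for port, i in GATEWAY.items() if dst in i.network]
    return max(hits)[1] if hits else None

def proxy_arp_answers(in_port, target_ip):
    """Simplified proxyall=1 rule: reply when the target routes out another port."""
    out_port = gateway_route(target_ip)
    return out_port is not None and out_port != in_port

def path(src, dst):
    """(in_port, out_port) through the gateway, or None if src cannot reach dst."""
    src_iface, in_port = HOSTS[src]
    dst_ip = HOSTS[dst][0].ip
    if not on_link(src_iface, dst_ip):
        return None  # sender would need a default route
    if not proxy_arp_answers(in_port, dst_ip):
        return None  # nobody answers the ARP request
    return in_port, gateway_route(dst_ip)

if __name__ == "__main__":
    for a, b in (("WWW", "SNMP-server"), ("SNMP-server", "WWW")):
        print(f"{a} -> {b}: {path(a, b)}")
    # Original addressing from the question: WWW is off-link for 192.168.2.2/24.
    print(on_link(ip.ip_interface("192.168.2.2/24"), "192.168.0.2"))
    # proxyall answers for every LAN address the gateway can route, not only WWW.
    print(proxy_arp_answers("snmp", "192.168.0.200"))
```

The last check shows that, in this model, proxyall makes the gateway answer ARP for any address it can route out another port, which is broader than the two hosts involved.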