Date:      Thu, 11 Apr 2002 09:24:24 -0400
From:      Matt Simerson <freebsd@blockads.com>
To:        freebsd-hackers@freebsd.org
Subject:   Is natd the right tool?
Message-ID:  <70BBF3C4-4D4F-11D6-8065-00306553B5E4@blockads.com>


Natd is a very cool tool for doing stuff like redirecting connections
from an external network to an internal one, but I have a slightly
different problem. I have a single host with one public interface:

      host - fxp0  =   192.168.7.251

Also on this same host are a bunch more IPs on the loopback interface:

      host - lo0  = 127.0.0.1
                    127.0.0.2
                    .....


On each of the loopback addresses I have a DNS server listening. This 
part works just fine:

matt@matt: {101} % dig www.foo.com @127.0.0.2
<verbosity snipped>
;; ANSWER SECTION:
www.foo.com.            1D IN A         207.89.154.94


What I want to be able to do is send a DNS query to the external
interface of the machine on a non-standard port and have it redirect the
query to a loopback address/port and return the appropriate
query result to me.

So, after reading the man page several times, I've tried using natd like 
this:

     natd -n fxp0 -redirect_port udp 127.0.0.2:53  192.168.7.251:55

However, doing so simply gets me a connection refused when I send it a
query like this:

matt@matt: {102} % dig -p 55 @192.168.7.251 www.foo.com

; <<>> DiG 8.3 <<>> -p @192.168.7.251 www.foo.com
; (1 server found)
;; res options: init recurs defnam dnsrch
;; res_nsend to server 192.168.7.251: Connection refused
matt@matt: {103} %


I'm not exactly certain why it's failing. Is this the best approach to 
solving this problem?  Is there a better way to go about this?

Matt
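
A user-space way to get the forwarding the message describes, as an added example that is not part of the original post and does not use natd: a small UDP relay that accepts queries on the external address and port from the message and passes them to the loopback DNS server. The `ALLOWED_CLIENTS` range and the function names are assumptions, and the relay handles one query at a time.

```python
import ipaddress
import socket

# Addresses and ports are taken from the message; ALLOWED_CLIENTS is an
# assumption made for this sketch.
LISTEN = ("192.168.7.251", 55)   # external address, non-standard port
BACKEND = ("127.0.0.2", 53)      # DNS server bound to a loopback alias
ALLOWED_CLIENTS = ipaddress.ip_network("192.168.7.0/24")


def relay_once(listen_sock, backend, allowed, timeout=2.0):
    """Relay one datagram; return 'relayed', 'denied' or 'no-reply'."""
    query, client = listen_sock.recvfrom(4096)
    # The backend used to be reachable only from the host itself, so keep
    # the new exposure limited to known client networks.
    if ipaddress.ip_address(client[0]) not in allowed:
        return "denied"
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as upstream:
        upstream.settimeout(timeout)
        # connect() on UDP makes the kernel drop datagrams from other sources.
        upstream.connect(backend)
        upstream.send(query)
        try:
            reply = upstream.recv(4096)
        except OSError:  # timeout, or ICMP port unreachable (ECONNREFUSED)
            return "no-reply"
    # Reply from the socket the client queried so address and port match.
    listen_sock.sendto(reply, client)
    return "relayed"


def serve(listen=LISTEN, backend=BACKEND, allowed=ALLOWED_CLIENTS):
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.bind(listen)  # ports below 1024 need root
        while True:
            relay_once(sock, backend, allowed)


if __name__ == "__main__":
    serve()
```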
