Date:      Wed, 27 Sep 2006 12:28:33 -0500
From:      Damian Wiest <>
To:        Chris <>
Cc:        FreeBSD Questions <>
Subject:   Re: rewrite of multiple incoming IPs into a single IP
Message-ID:  <20060927172833.GA23474@dfwdamian.vail>
In-Reply-To: <>
References:  <>

On Tue, Sep 26, 2006 at 06:49:50PM -0700, Chris wrote:
> I have spent the day trying to get multiple IP addresses rewritten to  
> a single address using IPFW and NATD. Is there a simple way to do
> this? If I put natd on the public interface, it grabs it and the
> system hangs at boot. Is there an interface for keeping the packets  
> local to the system where divert can pass them, natd rewrite them and  
> reinsert them into ipfw? The application is what I asked about two  
> days ago, funneling multiple external websites on different addresses  
> into a single jail that works off Apache's NameVirtualHost. Thought it
> was the easy part but so far it's the only part that is not working,  
> the jail and apache work great. I think I need a divert rule that  
> goes to an internal interface (tun0?) and be able to start natd on  
> that interface. I actually tried tun0 but it was not recognized (I'm  
> not configuring for ppp). It would seem that if I can get over this  
> hurdle, I could use the redirect_address within natd to perform the  
> magic I need.
> Please tell me if I'm trying to do something absurd or if this should  
> be directed to a different list.
> Thanks
> Chris

If I understand your problem correctly, you're trying to host multiple 
websites, each with its own IP address, on one server.  Why not use IP 
aliasing (see ifconfig(8)) with multiple instances of Apache?  For example, 
in rc.conf add some lines like:

ifconfig_bge0="inet netmask"
ifconfig_bge0_alias0="inet netmask broadcast"
ifconfig_bge0_alias1="inet netmask broadcast"

You'll then need to run an instance of Apache for each IP address.
This assumes that each website's IP is in the same network.

With the setup I've described above, you could also use NAT to direct
packets to one of your IPs.  From what you've described, I don't see how
you'll ever receive packets addressed for the other IPs since you're not
handling ARP.

