Date: Mon, 22 Jul 2002 12:12:09 -0400 (EDT)
From: "Nathan Vidican" <>
To: questions@freebsd.org
Cc: small@freebsd.org
Subject: Routing + Natd woes, (need to disable natd forwarding for static routes... how?)
Message-ID: <200207221612.g6MGC9b41148@mail.ipsnetwork.net>
Here's the deal: I've got a machine which is triple-homed on three networks. It acts as the gateway between all three.

The first network (our internal LAN) is addressed on the gateway machine as 10.0.0.254. The gateway also runs a dhcp server for the internal network (300 or so hosts).

The second network (our public network) is a small static subnet of IP addresses (/29). This network is directly attached via a small hub to a network card on this machine. The network card on the gateway in turn is utilizing a second IP from this subnet (explained in the next section).

The third network is really just the actual internet connection to which the second network is attached. The machine connects via a dedicated 5 megabit DSL pipe, using pppoe via the standard /usr/sbin/ppp. I'm running it with -ddial -nat <profile>; it runs perfectly fine... but herein lie some other issues.

I'm trying to route the static subnet through the second network interface card (ideally I'd like to do so without tying up another IP address, as the pppoe interface takes the first available network address and routes the subnet through itself anyhow - any ideas? I thought about bridging tun0 to fxp1... but I'm not sure if that'll do anything?).

The problem is that I have to disable natd so that outgoing transmissions from the static subnet are not masqueraded (that is, if a machine on the second network sends something outgoing, it's received on the other end as having come from the IP address which the gateway runs natd on). This is a real big problem, as two of the machines are mail servers, and also act as dns servers. Since the reverse IP would never match up properly... messages would appear to come from the wrong host... etc.

So... to make the long annoying email short: How can I disable natd forwarding for a small subnet of 'real' static IP addresses? The routing works flawlessly if I omit the '-nat' flag when I start up pppoe... but then the internal network gets no access?

Any ideas would be greatly appreciated at this time; I'm all out of other options!

P.S. - cc'd -small because I know a lot of members therein may have more experience with routing under freebsd; please excuse if this was an inappropriate idea.

--
Nathan Vidican
Nathan@Vidican.com