Date:      Tue, 8 May 2001 15:08:49 +0400
From:      "Artem Koutchine" <>
To:        <questions@FreeBSD.ORG>
Subject:   Networks routing, natd and subnetting question
Message-ID:  <000001c0d7af$db8d67e0$>


I haven't asked any questions for a while now but today
I stumbled into a seemingly simple problem and cannot
solve it.

I have an allocated ip network for my intranet:
xxx.yyy.zzz.96 netmask 224 (0xffffffe0)

the local network is connected to the outer world like this:

CISCO 1601 <-> FREEBSD <-> bunch of Win/FBSD PCs

The 'bunch' only uses for now 192.168.a.b network to make
it totally safe. CISCO has xxx.yyy.zzz.97 and FreeBSD
has two interfaces ed0 (external to CISCO) xxx.yyy.zzz.98
and ed1 (internal to local network)
Local network goes to internet using natd (--unregistered-only
-l -use_sockets on interface ed0). Routes on the FreeBSD are:

netstat -rn
default    xxx.yyy.zzz.97    UGSc    10    21354    ed0    UH    5    50    lo0
192.168    link#2    UC    0    0    ed1 =>
xxx.yyy.zzz.96/27    link#1    UC     0    0 ed0 =>

Everything works fine. But a problem came up. One of the
local network machines REALLY needs a real IP address
to be accessed from the outer world. The machine should
have the address xxx.yyy.zzz.102

As I see, I have two options:
1) Assign xxx.yyy.zzz.102 as an alias IP address to ed0 on
the FreeBSD and use nat to redirect all traffic from xxx.yyy.zzz.102
to The question is: How do I do that? Do I just
add an extra option to natd (-redirect_address) or do I need to add
some ipfw rule too?

2) Route this address directly, so natd is not used at all and the
machine on the localnet gets a real IP.  Here is what I tried:
I changed to xxx.yyy.zzz.102 and on the FreeBSD
box added:
route add -host xxx.yyy.zzz.102 interface ed1
ping xxx.yyy.zzz.102
36 bytes from localhost ( Time to live exceeded
Vr Hl TOS  Len   ID Flg  off TTL Pro  cks Dst
 4  5  00 5400 0755   0 0000  01  01 77a6 xxx.yyy.zzz.102

also tried:
route add -host xxx.yyy.zzz.102

got the same problem.

Now, I went further and split the network I got (xxx.yyy.zzz.96
into two subnetworks:
SN1: xxx.yyy.zzz.96
SN2: xxx.yyy.zzz.112
SN1 is routed via ed0 and SN2 via ed1:
netstat -rn
xxx.yyy.zzz.96/28    link#1    UC     0    0 ed0 =>
xxx.yyy.zzz.112/28    link#2    UCSc     1    0 ed1 =>

Instead of .102 I assigned .113 address to the local network host (to
match SN2).
Now I can do ping from FreeBSD to xxx.yyy.zzz.113
and I can do ping from xxx.yyy.zzz.113 to FreeBSD (
However, I cannot ping external interface (ed0) on the FreeBSD from
xxx.yyy.zzz.113. Nor can I ping xxx.yyy.zzz.114 from the outer world.
BTW: 113 is a WIN98 box.

The questions are:
1) What's the deal with not being able to ping external interface of
I can't even figure out where the problem with routing is: On 113 or
on FreeBSD?
2) CISCO routes xxx.yyy.zzz.96 to FreeBSD and back,
I do subnetwork to I have to inform CISCO about this in any way?
3) This subnetworking wastes 16 addresses. Is there any way not
to waste them like this? (wasted addresses are those in the external
subnetwork SN1, because all other PCs are behind FreeBSD and this
will always be like this).

Sorry for the mess, I tried to explain in detail what I got.
Help will be very appreciated.

Thanks in advance,
