From owner-freebsd-questions Wed Jan 12 1: 9:26 2000
Delivered-To: freebsd-questions@freebsd.org
Received: from relay.ucb.crimea.ua (UCB-Async4-CRISCO.CRIS.NET [212.110.129.130]) by hub.freebsd.org (Postfix) with ESMTP id C91B414A0B for ; Wed, 12 Jan 2000 01:09:13 -0800 (PST) (envelope-from ru@ucb.crimea.ua)
Received: (from ru@localhost) by relay.ucb.crimea.ua (8.9.3/8.9.3/UCB) id LAA47808; Wed, 12 Jan 2000 11:10:06 +0200 (EET) (envelope-from ru)
Date: Wed, 12 Jan 2000 11:10:06 +0200
From: Ruslan Ermilov
To: Martin Welk
Cc: freebsd-questions@FreeBSD.org
Subject: Re: NATD and Public IP Addresses
Message-ID: <20000112111006.H29173@relay.ucb.crimea.ua>
Mail-Followup-To: Martin Welk , freebsd-questions@FreeBSD.org
References: <20000111003327.C33776@extremis.demon.co.uk> <20000111030946.A14785@theatre.sax.de> <20000111110118.C18967@relay.ucb.crimea.ua> <20000112051743.C24866@theatre.sax.de>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 0.95.3i
In-Reply-To: <20000112051743.C24866@theatre.sax.de>; from Martin Welk on Wed, Jan 12, 2000 at 05:17:43AM +0100
X-Operating-System: FreeBSD 3.3-STABLE i386
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Wed, Jan 12, 2000 at 05:17:43AM +0100, Martin Welk wrote:
> On Tue, Jan 11, 2000 at 11:01:18AM +0200, Ruslan Ermilov wrote:
>
> > > (*) Public network interface addresses configured as ifconfig aliases, that
> > > means, the gateway recognizes itself as that address. When this is done, it
> > > can pass the packets through natd which changes the address and forwards
> > > them to an assigned address in the private network.
> > It is *NOT* required to bind these addresses to interface.
>
> This is quite interesting. I always thought so yet :-) If I understand
> you right, it's enough to let natd listen to the gateway interface and
> let it know about the addresses it should work with?
>
Natd(8) listens on a divert(4) socket, not the gateway interface.
Everything that is passed by ipfw(8) to that socket is treated by natd(8)
as either an incoming or an outgoing IP packet, according to the rules
described in divert(4).

> Interesting. What if there are further hosts next to the gateway interface
> on the Ethernet (if there is some Ethernet), does one have to do proxy ARP
> so the NAT box recognizes itself is meant for these packets or is that done
> by some routing (even static routes) ?
>
It depends on whether these hosts are in the same network/netmask as those
serviced by natd(8) or not.

--
Ruslan Ermilov          Sysadmin and DBA of the
ru@ucb.crimea.ua        United Commercial Bank,
ru@FreeBSD.org          FreeBSD committer,
+380.652.247.647        Simferopol, Ukraine

http://www.FreeBSD.org  The Power To Serve
http://www.oracle.com   Enabling The Information Age

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
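
A configuration sketch of the setup discussed in this message, added here as an example and not taken from the thread: natd(8) maps public addresses to private hosts purely through the divert(4) socket, with no ifconfig aliases for those addresses on the gateway. The interface name `ed0`, the file path, and all addresses (192.0.2.0/24 documentation range, 192.168.0.0/24) are constructed, and it is assumed that the upstream router already delivers packets for the public addresses to this gateway.

```conf
# /etc/natd.conf  (constructed example, not from the thread)
#
# natd(8) reads the long form of its command-line options from this
# file, one per line, without the leading dash.

# Outside interface: natd uses this interface's primary address as
# the aliasing address for ordinary outbound traffic.
interface ed0

# Static one-to-one mappings: redirect_address <local IP> <public IP>
# Traffic arriving for the public address is rewritten to the local
# host; traffic leaving the local host is rewritten to the public
# address. The public addresses below are NOT configured as
# "ifconfig ed0 alias ..." on the gateway; natd only needs to see the
# packets on its divert socket.
redirect_address 192.168.0.10 192.0.2.10
redirect_address 192.168.0.11 192.0.2.11

# ---------------------------------------------------------------
# Commands that go with this file, shown as comments (run as root).
# The kernel must be built with "options IPFIREWALL" and
# "options IPDIVERT".
#
# 1. Hand every packet crossing the outside interface to the divert
#    port named "natd" in /etc/services. Only packets matched by this
#    rule ever reach natd, so packets for 192.0.2.10 and 192.0.2.11
#    must reach a rule like this before any rule that drops them:
#
#      ipfw add divert natd all from any to any via ed0
#
# 2. Start natd with the configuration above:
#
#      natd -f /etc/natd.conf
#
# Quick check after start-up: "ipfw show" should list the divert rule
# with non-zero packet counters once traffic flows, and
# "ifconfig ed0" should still show only the gateway's own address.
```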