Re: pls help on 3 interfaces

Thu, 19 Mar 2009 00:35:12 -0700 

Lin Zhao wrote:

too much thx for Julian Elischer & John Nielsen.....
i've tried it, and it seems working now, but i don't know if i'm right in setting natd2.... i just add one line in /etc/services as "natd2 8669" and run a command: natd -n fxp1 -p 8669 seems so stupid. 

I assume you mean "simple" instead of stupid... :-)
I don't think you need natd2 in /etc/services...
but as long as the ipfw and natd agree in the port number
it should work.


You didn't say if you have nat already.
but if you do then I believe natd can do more than one nat
with a single instance now.

(phk added that some time ago)

but I have never done it, so I can not tell you how... read the man 
page...



also the in-kernel nat available in ipfw can do this and you can also 
do multiple NATS with that too but once again, I haven't done it

myself.



Lin

ÔÚÄúµÄÀ´ÐÅÖÐÔø¾­Ìáµ½:

From: John Nielsen <li...@jnielsen.net>

Reply-To: 
To: freebsd-ipfw@freebsd.org, Lin Zhao <linz...@ustc.edu.cn>

Subject: Re: pls help on 3 interfaces
Date:Wed, 18 Mar 2009 23:23:56 -0400

On Wednesday 18 March 2009 10:36:15 pm Lin Zhao wrote:

hi all, wish my english is enough :-)
my freebsd has 3 interfaces, like this,

     ----                               ----switch1

         |         ----------  fxp0    |
         |
         |        |          |---------

internal |--------|freebsd71 |

         |    rl0 |          |---------
         |         ----------  fxp1    |

     ----                               ----switch2

we're in the internal and want to visit outside
we use fxp0 for default outside address and it works well
but for some reason, i want to use fxp1 for some special outside
address how can i do for it?
thanks a lot.

Is the FreeBSD box performing network address translation (NAT)? I'm going 
to assume that it is and everything is being aliased through fxp0. I'm 
also assuming you're using ipfw since you wrote to the ipfw list.



If the IP addresses which you'd like to reach via fxp1 are static, you 
should be able to do something like the following:



Configure static routes on the FreeBSD machine for the the special outside 
addresses using the gateway of fxp1's network as the router.
Configure an additional NAT rule (if still using natd now might be a good 
time to switch to in-kernel ipfw NAT..) to alias through fxp1.
Configure ipfw to direct traffic to/from the special outside addresses to 
the new NAT instance instead of the default.



I actually used a similar setup recently. If you care to confirm my 
assumptions above I can give you a more step-by-step guide.


JN

_______________________________________________
freebsd-ipfw@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
To unsubscribe, send any mail to "freebsd-ipfw-unsubscr...@freebsd.org"




_______________________________________________
freebsd-ipfw@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
To unsubscribe, send any mail to "freebsd-ipfw-unsubscr...@freebsd.org"


_______________________________________________
freebsd-ipfw@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
To unsubscribe, send any mail to "freebsd-ipfw-unsubscr...@freebsd.org"






















					Reply via email to