On Wed, 7 Mar 2001, Nick Rogness wrote:
ACK! I read your email wrong. I responded with the correct
reply...please void the message below.
> >
> > Won't your example below show all outbound traffic from the same
> > external ip, the ip that natd uses?
> >
>
> Yes and No, if the internal machine does not have a
> redirect_address statement in natd.conf then it will use the
> global interface or alias address outside the firewall. If
> redirect_address is used then the internal address carries
> redirect_address mapped external address when it goes outside the
> firewall.
>
> > I'd like to have the outbound traffic from internal range a.a.a.a have
> > one external ip and the outbound traffic from internal range b.b.b.b
> > have another external ip.
> Um, you can...but it is very complex with one interface. I'll try
> to explain why. Packets arrive and get translated to inside
> addresses...everything fine at this point...packet gets delivered
> to the inside machine...still no problem...but how does the
> packet on the return from the internal machine know which address
> to translate to when leaving the machine? Usually, it is
> seperate interface, which the ipfw divert rule is running on...and
> even then it is very tricky.
>
> If you search the archives back a couple of days, I gave an
> exmaple of how you would approach a problem like this.
>
>
> Nick Rogness <[EMAIL PROTECTED]>
> - Keep on routing in a Free World...
> "FreeBSD: The Power to Serve!"
>
>
>
>
> To Unsubscribe: send mail to [EMAIL PROTECTED]
> with "unsubscribe freebsd-net" in the body of the message
>
Nick Rogness <[EMAIL PROTECTED]>
- Keep on routing in a Free World...
"FreeBSD: The Power to Serve!"
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message
