At 2001-10-24T01:30:35Z, Kris Kirby <[EMAIL PROTECTED]> writes:
> And a tidbit just surfaced from the mud! Use ipfw + natd to nat anything > that would directly come from / to the private address and use "natd -u -a > 1.2.3.1" (assumes .1 is the gateway). Careful that you don't wind up > looking at every single packet though. Ahhh... That doesn't sound too bad. Lately I've somewhat taken to ipfilter so I'll wave the appropriate translation stick at the issue. > The other solution would be to accuse your ISP of being incompentent / > cheap, etc. and complain until you get a public /30 for the WAN link. Actually, they're far and away the most competent provider in the area. Our contact is a CCNA-working-on-CCIE and really seems to know his stuff. We're also now on a dual-homed network, connected by two counter-rotating fiber rings. The rationale I heard was that this was something they went out of their way to do in order to avoid wasting public IPs on router interfaces. Coming from anyone else, I'd agree with you. From these guys, I tend to believe them. > I'm a fascist; I wouldn't have taken a link without a public WAN ip. Well, we have a whole public /24. Only the routing block is private, which I'm sure will seem like a better idea once I coerce this $@#!() FreeBSD box to bend to my will. -- Kirk Strauser To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-net" in the body of the message
