I am not a ipfw expert. The truth of it is I was a ipfw user before I added a LAN behind my gateway box. Ipfw does it's nating from within ipfw and that it what makes ipfw nating so hard to get right. It's even harder if you use keep state processing. Ipfilter and PF do the nating separate from the firewall so the firewall always sees the true LAN packets. For that reason I now use ipfilter. Your ipfw question may get better answers from the ipfw questions list. In reading your original post it was not clear to me that you had to do this using ipfw. I read it as you were asking if it could be done at all. Using alias ip's is not the correct term I believe. Good luck finding a ipfw solution.
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Andrew Pantyukhin Sent: Wednesday, February 15, 2006 7:16 PM To: [EMAIL PROTECTED] Cc: FreeBSD Questions Subject: Re: natd with several alias IPs On 2/16/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > I am not sure just what you are asking about. > > Are you saying that you have 4 static public ip address assigned to > you by your ISP and you want to round robin those 4 in the NATing > process to your hundreds of LAN users? > > If that's what you are after then any of FreeBSD's 3 built in > firewall can do that by how you code the NAT statements. Read the > handbook firewall ipfilter section for details. There is no special > tricks or need for several NATed process. I'm quite aware of the fact that both pf and ipf have mature nat frameworks. The question is, how to do that with natd (and ipfw). Could you be so kind and throw an example of a round-robin setup without several natd processes, 'cuz I can hardly imagine that? _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
