Sorry, I failed to point out my current network configuration. I have 2 internal networks which use NAT, one class C ( 192.96.48.0/24 ) and one rfc1918 ( 192.168.1.0/24 ).
The internal interface(bge1) is configured with the class c network and I have added a route to bge1 for 192.168.1.0/24. All traffic on the 192.96.48.0/24 network internally is routed via the gateway to get to the 192.168.1.0 network. Hope that makes sense. Nelis On Fri, 2004-06-04 at 14:43, Nelis Lamprecht wrote: > Hi, > > I'm interested to hear how people utilise dummynet in a NAT environment. > How does one create a pipe for a NAT network without effecting the > actual LAN speed ? For example, on the gateway: > > $fwcmd add pipe 1 ip from 192.168.1.0/24 to any out > $fwcmd add pipe 2 ip from any to 192.168.1.0/24 in > $fwcmd pipe 1 config bw 128Kbit/s > $fwcmd pipe 2 config bw 128Kbit/s > > The above example would be fine if 192.168.1.0/24 were only talking to > the internet but unfortunately it also effects the machines from talking > to each other internally. The only interface you can specify is the > internal interface(bge1) because this is the only time that ipfw will > see the addresses before they are passed to NAT(ipnat) and will not be > seen on the external interface(bge0). So basically the above example > should be written as: > > $fwcmd add pipe 1 ip from 192.168.1.0/24 to any out via bge1 > $fwcmd add pipe 2 ip from any to 192.168.1.0/24 in via bge1 > > This however will also give 192.168.1.0/24 an internal LAN speed of > 128Kbit/s which is to say quite humorous ;-) > > What is the solution to this ? ..I'm obviously missing something. The > internal interface is not firewalled. > > > Many thanks, -- Nelis Lamprecht PGP: http://www.8ball.co.za/pgpkey/nelis.asc "Unix IS user friendly.. It's just selective about who its friends are."
signature.asc
Description: This is a digitally signed message part
