Re: Router with WAN subnet - dedicated IP per Host

2019-11-27 Thread Henry Jensen
On Tue, 26 Nov 2019 20:06:40 - (UTC) Stuart Henderson wrote: > On 2019-11-26, Henry Jensen wrote: > > On Tue, 26 Nov 2019 12:27:16 - (UTC) > > Stuart Henderson wrote: > > > >> > 192.168.1.2 < rdr-to/nat-to > 11.22.33.40 > >> > 192.168.1.3 < rdr-to/nat-to > 11.22.33.41 > >> > > >> >

Re: Router with WAN subnet - dedicated IP per Host

2019-11-26 Thread Stuart Henderson
On 2019-11-26, Henry Jensen wrote: > On Tue, 26 Nov 2019 12:27:16 - (UTC) > Stuart Henderson wrote: > >> > 192.168.1.2 < rdr-to/nat-to > 11.22.33.40 >> > 192.168.1.3 < rdr-to/nat-to > 11.22.33.41 >> > >> > I plan to give the outgoing interface the second public IP >> > (11.22.33.41) as an a

Re: Router with WAN subnet - dedicated IP per Host

2019-11-26 Thread Henry Jensen
On Tue, 26 Nov 2019 12:27:16 - (UTC) Stuart Henderson wrote: > > 192.168.1.2 < rdr-to/nat-to > 11.22.33.40 > > 192.168.1.3 < rdr-to/nat-to > 11.22.33.41 > > > > I plan to give the outgoing interface the second public IP > > (11.22.33.41) as an alias, so the egress interface holds both > > p

Re: Router with WAN subnet - dedicated IP per Host

2019-11-26 Thread Stuart Henderson
On 2019-11-25, Henry Jensen wrote: > Hi, > > my ISP provides me with a /29 subnet, including 5 usable public IPv4 > addresses. > > Until now my router uses only one of this public IPs (11.22.33.40), > with port forwarding of port 443 to an host in a DMZ(192.168.1.0/24) > like this: > > pass in on

Re: Router with WAN subnet - dedicated IP per Host

2019-11-25 Thread Zé Loff
On Mon, Nov 25, 2019 at 04:31:45PM +0100, Henry Jensen wrote: > Hi, > > my ISP provides me with a /29 subnet, including 5 usable public IPv4 > addresses. > > Until now my router uses only one of this public IPs (11.22.33.40), > with port forwarding of port 443 to an host in a DMZ(192.168.1.0/24)

Re: Router with WAN subnet - dedicated IP per Host

2019-11-25 Thread Henry Jensen
Am 25. November 2019 20:06:36 MEZ schrieb Pedro Caetano : > >It looks like a usecase for binat. > >http://man.openbsd.org/pf.conf#binat-to Well, binat-to is a nice way to combine nat-to and rdr-to. But it doesn't solve the problem of "dedicated routing" I want to implement.

Re: Router with WAN subnet - dedicated IP per Host

2019-11-25 Thread Pedro Caetano
Hi, It looks like a usecase for binat. http://man.openbsd.org/pf.conf#binat-to BR, Pedro Caetano A segunda, 25/11/2019, 15:40, Henry Jensen escreveu: > Hi, > > my ISP provides me with a /29 subnet, including 5 usable public IPv4 > addresses. > > Until now my router uses only one of this publi

Router with WAN subnet - dedicated IP per Host

2019-11-25 Thread Henry Jensen
Hi, my ISP provides me with a /29 subnet, including 5 usable public IPv4 addresses. Until now my router uses only one of this public IPs (11.22.33.40), with port forwarding of port 443 to an host in a DMZ(192.168.1.0/24) like this: pass in on egress proto tcp from any to any port 443 rdr-to 192