Current-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Hair pinning with pf and NetBSD

Joerg Sonnenberger <> writes:

> The problem is that the traffic will not pass through the router again.
> The destination will try to access the machine directly on the local
> network. Either that or I am not completely clear what you are actually
> doing in terms of NAT.

    You have to rewrite *both* the src and dst addresses for this case
to work, with the idea being that the source address is something that
the destination host will route through the nat.  The NAT can do the
obvious inverse transformation for any return packets.

    I've also never seen this implemented, so I'd love to know what
the OP's customer is thinking of.

Home | Main Index | Thread Index | Old Index