netbsd-users: Re: IPNAT problem?

Subject: Re: IPNAT problem?
To: None <netbsd-users@netbsd.org>
From: Matthias Scheler <tron@zhadum.de>
List: netbsd-users
Date: 11/18/1999 11:06:44

In article <003d01bf31ad$bad99c70$0201a8c0@network.de>,
	"Oliver" <oliverko@dialup.nacamar.de> writes:
> 6. in /etc/ipnat.conf
>    map ppp0 192.168.1.0/24 -> 0.0.0.0/32 portmap tcp/udp 10000:40000

You should a line like this ...

map ppp0 192.168.1.0/24 -> 0.0.0.0/32

... to get ICMP to work.

Otherwise you may encounter problems when e.g. path MTU discovery is used.

> If I start a ftp session to ftp.netbsd.org all works fine but if I try the
> same from the FreeBSD box the NetBSD system makes a connection to my ISP but
> nothing returns (no ftp login).

What MRU and MTU is used on the PPP interface?

> The command ipnat -l (on dialup server)
> prints:
> 
> 192.168.1.6 1029    <--> 62.144.243.25 1029
> 192.168.1.6 1028    <--> 62.144.243.25 1028
> 192.168.1.6 1027    <--> 62.144.243.25 1027
> 
> Shouldn't be the ports between 10000 and 40000.

These are the port numbers used on the IP NAT server, not on the client or
the target host.

> lookup file bind
> domain network.de
> nameserver 195.185.185.195
> name server 194.162.141.17

The last line is definitely wrong.

> the /etc/hosts file
> 
> 192.168.1.1    a21064.network.de    a21064    (NetBSD)
> 
> 192.168.1.6    k6v1fb    k6v1fb.network.de       (FreeBSD)

You should change the order here. The FDQN should always be the first
hostname listed.

-- 
Matthias Scheler                            http://www.sighardstrasse.de/~tron/