Re: Two quick ipnat questions

To: <paul%whooppee.com@localhost>
Subject: Re: Two quick ipnat questions
From: Peter Eisch <peter%boku.net@localhost>
Date: Fri, 15 Feb 2008 11:56:29 -0600

On 2/15/08 10:47 AM, "Paul Goyette" <paul%whooppee.com@localhost> wrote:

> Since the WiFi AP will need two addresses (one for it's wired side, ie
> x.y.z.2, and one for the Wireless side).  If the NetBSD box has a.b.c.1
> as its external address, can I use x.y.z.99 as the translated address?
> And if I do this, do I need to manually publish an ARP entry for .99 so
> the ISP's device can find it?
> 

I'm a little confused when you write "can I use x.y.z.99 as the translated
address?".  Routing is best done by subnets, so on the LAN between the
Inside NIC and the AP, use a different network.  So, yes, the x.y.z.2 on the
AP and x.y.z.99 on the NetBSD system will work on the Inside LAN (with a
255.255.255.0 or 255.255.255.128 mask.

I tend to prefer the AP's to be in bridge mode and then turn off all the
features (dhcp, dns, etc.) that they can do.  When bridging the AP gets just
a single IP.  Then do all that from the NetBSD system.  With that config,
the AP has just an address on the Inside NIC and forwards the traffic.

Then in /etc/ipnat.conf you just need something simple like:

map XXX x.y.z.0/24 -> 0/32 proxy port ftp ftp/tcp
map XXX x.y.z.0/24 -> 0/32 portmap tcp/udp 40000:60000
map XXX x.y.z.0/24 -> 0/32

Where XXX = your Outside NIC (fxp0, wm0, bge0, en0, etc.) and
 x.y.z = your Inside LAN.

(If you prefer and leave the DHCP and other services running on the AP, you
don't need to run them on the NetBSD system, obviously.)

Then edit your rc.conf to include:

ipnat=YES
ipfilter=YES

peter

References:
- Re: Two quick ipnat questions
  - From: Paul Goyette

Prev by Date: Re: Two quick ipnat questions
Next by Date: Change MAC address in 4.0?
Previous by Thread: Re: Two quick ipnat questions
Next by Thread: Change MAC address in 4.0?
Indexes:

Home | Main Index | Thread Index | Old Index