NetBSD-Users archive


NPF NAT Hairpinning



I recently got NetBSD + NPF running on a Raspberry Pi, and am now using it as
my gateway router (purchased a 2nd USB Ethernet stick as internal NIC).
Behind this router, I run a few servers and also have a 2nd router for my 
home PCs - so it operates like a perimeter network.

When I am hitting my global IP from the outside, NPF forwards my packets 
correctly to my server, and I'm able to view my website. When trying to 
access from one of my home PCs though, I get a connection timeout/refused.

In Linux, when I'm usually setting up a router, I am able to configure
iptables to do NAT hairpinning to any services running in the perimeter
network. I don't want to resort to split-zone DNS or other methods, so does
anyone know of a way to coerce NPF into doing NAT hairpinning?

For reference, PF seems to be able to do this (they call it "rdr-to and
nat-to combo"), but I don't know how to construct an equivalent NPF rule:
http://www.openbsd.org/faq/pf/rdr.html

TIA


