Port-amiga archive
Re: IP translator
> On Fri, 18 Jul 1997, David Brownlee wrote:
>
> After much work, I believe that I've managed to get a working version of
> -current installed.
>
> uname -a shows:
> NetBSD blkhole.resun.com 1.2G NetBSD 1.2G (blkhole) #1: Wed Jul 30
> 21:09:36 PDT 1997
> bin%blkhole.resun.com@localhost:/usr/src/sys/arch/amiga/compile/blkhole amiga
>
> I did this by taking the binary snapshot of 1.2D, pulling current,
> configuring a new kernel, and recompiling the various pieces of
> software. The system even seems to be reasonably functional. :-)
>
> After working through various problems, I believe I got a successfully
> compiled version of ipf. The problems that I encountered seemed to be
> mostly that make apparently wasn't searching the .PATH variable. (?)
> I mucked around with the make files to get them to point to the
> correct files for now.
>
> I also found that the base release only defined /dev/ipf. /dev/ipnat
> was missing, so I 'mknod /dev/ipnat c 49 1' to get the device to be
> present. I haven't a clue as to whether this was the correct thing to
> do or not.
>

You may not have installed the new copy of /dev/MAKEDEV.
If you have the space, running 'make distribution' from
/usr/src/etc is a good way to see what would get installed in
/dev/, /etc & friends...

> My network configuration is 'ifconfig -a':
>
> le0: flags=8863<UP,BROADCAST,NOTRAILERS,RUNNING,SIMPLEX,MULTICAST> mtu 1500
> address: 00:80:10:00:16:d7
> media: manual status: active
> inet 192.156.206.1 netmask 0xffffff00 broadcast 192.156.206.255
> lo0: flags=8009<UP,LOOPBACK,MULTICAST> mtu 32768
> inet 127.0.0.1 netmask 0xff000000
> sl0: flags=c010<POINTOPOINT,LINK2,MULTICAST> mtu 296
> sl1: flags=c010<POINTOPOINT,LINK2,MULTICAST> mtu 296
> sl2: flags=c010<POINTOPOINT,LINK2,MULTICAST> mtu 296
> ppp0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1500
> inet 204.245.6.188 --> 204.245.6.2 netmask 0xffffff00
> ppp1: flags=8010<POINTOPOINT,MULTICAST> mtu 1500
> ppp2: flags=8010<POINTOPOINT,MULTICAST> mtu 1500
>
> Note: I am the registered owner of 192.156.206.00.
>
> I proceeded as follows:
>
> > Assuming you can get a static address allocated by your ISP:
>
> Done. IP = 204.245.6.188.
>
> > a) Have a gateway host (eg: machine with local ethernet and either
> > a modem or an outgoing ethernet connection)
>
> Done per previous configuration.
>
> > b) Setup that machine to talk to the outside world, either using
> > ppp on a modem, or a 'standard' ethernet setup.
> > (There are other FAQs describing how to do this :)
>
> Done. PPP link is up and functional.
>
> > c) Number your internal machines on a reserved network
> > (eg 10.x.x.x
> > ethernet address of gateway 10.0.0.1
> > ethernet address of 1st local host 10.0.0.2
> > etc)
>
> Done. Not a reserved network, but used my registered IP.
>
> > d) Ensure /etc/mygate on all other machines contains the
> > internal network address of the gateway (10.0.0.1)
>
> Other machines are Macintoshes running MacTCP. The gateway on them is
> set to 192.156.206.1.
>
> > e) On the gateway:
> > Create an /etc/ipnat.conf file:
> > map EXT 10.0.0.0/8 -> X.X.X.X/32 portmap tcp/udp 10000:20000
> > (Where EXT is your external (to the world) network interface,
> > 'ppp0' for a modem over ppp, otherwise sn0, or le0 etc)
> > (X.X.X.X is the address of your EXT interface,)
> > Run 'ipnat -f /etc/ipnat.conf'.
>
> Done. ipnat -l shows:
>
> List of active MAP/Redirect filters:
> map ppp0 192.156.206.0/24 -> 204.245.6.188/32 portmap tcp/udp 10000:20000
>
> List of active sessions:
>
> > Run 'sysctl -w net.inet.ip.forwarding=1' (enable routing)
>
> Did not run. 'sysctl net.inet.ip.forwarding' shows:
>
> net.inet.ip.forwarding = 1
>

If you have options GATEWAY in your kernel the sysctl is
unnecessary.

> > Now try to telnet out or web browse from another local machine.
>
> Now the fun begins. telnetting out gets me nowhere. After attempting
> the telnet, ipnat -s shows:
>
> mapped in 0 out 0
> added 0 expired 0
> inuse 0
> rules 1
>
> I then tried:
>
> iptest -d ppp0 -s 192.156.206.3 -g 192.156.206.1 -4 primenet.com which
> gave:
>

Definitely sounds unhappy - if you didn't build the world via a
'make distribution' from /usr/src/etc, or a 'make build' from
/usr/src, then you may have problems with mismatched include
files and other weirdness.
If you have done a make build, and copied the latest version of
MAKEDEV, then we have to look further! :/

> Device: ppp0
> Source: 192.156.206.3
> Dest: 206.165.6.209
> Gateway: 192.156.206.1
> mtu: 1500
> 4.1 UDP uh_ulen > packet size - short packets
> arp: Undefined error: 0
> 24arp: Undefined error: 0
> 23arp: Undefined error: 0
> 22arp: Undefined error: 0
> 21arp: Undefined error: 0
> 20arp: Undefined error: 0
> 19arp: Undefined error: 0
> 18arp: Undefined error: 0
> 17arp: Undefined error: 0
> 16arp: Undefined error: 0
> 15arp: Undefined error: 0
> 14arp: Undefined error: 0
> 13
> 4.2 UDP uh_ulen < packet size - short packets
> arp: Undefined error: 0
> 24arp: Undefined error: 0
> 23arp: Undefined error: 0
> 22arp: Undefined error: 0
> 21arp: Undefined error: 0
> 20arp: Undefined error: 0
> 19arp: Undefined error: 0
> 18arp: Undefined error: 0
> 17arp: Undefined error: 0
> 16arp: Undefined error: 0
> 15arp: Undefined error: 0
> 14arp: Undefined error: 0
> 13
> 4.3.1 UDP sport = 0
> arp: Undefined error: 0
> 0
> 4.3.2 UDP sport = 1
> arp: Undefined error: 0
> 1
> 4.3.3 UDP sport = 32767
> arp: Undefined error: 0
> 32767
> 4.3.4 UDP sport = 32768
> arp: Undefined error: 0
> 32768
>
> 4.3.5 UDP sport = 65535
> arp: Undefined error: 0
> 65535
> 4.4.1 UDP dport = 0
> arp: Undefined error: 0
> 0
> 4.4.2 UDP dport = 1
> arp: Undefined error: 0
> 1
> 4.4.3 UDP dport = 32767
> arp: Undefined error: 0
> 32767
> 4.4.4 UDP dport = 32768
> arp: Undefined error: 0
> 32768
> 4.4.5 UDP dport = 65535
> arp: Undefined error: 0
> 65535
> 4.5 UDP 20 <= MTU <= 32
>
> I suspect (and hope) that this is simply a configuration error of some
> sort. I'd greatly appreciate any hints that anybody could provide
> that would help me get further.
>
> Thanks in advance,
> --
> Don Phillips bsd%blkhole.resun.com@localhost
> Research Unlimited
> Escondido, Calif. My opinions are just that, and no more.
>
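
As an added illustration (not part of either poster's message and not IPFilter code), this simplified Python model shows what the `map ... portmap tcp/udp 10000:20000` rule listed by `ipnat -l` above is meant to do to outbound packets and their replies. The class `NatModel`, its sequential port allocation and the counter names (loosely following the `ipnat -s` fields) are assumptions of this example; only the tcp/udp portmap path is modelled.

```python
import ipaddress
import re

# Rule text as shown by 'ipnat -l' in the thread.
RULE = "map ppp0 192.156.206.0/24 -> 204.245.6.188/32 portmap tcp/udp 10000:20000"
RULE_RE = re.compile(r"map (\S+) (\S+) -> (\S+)/32 portmap (\S+) (\d+):(\d+)$")

class NatModel:
    """Simplified model of one 'map ... portmap' rule (not IPFilter's code)."""

    def __init__(self, rule):
        m = RULE_RE.match(rule.strip())
        if not m:
            raise ValueError("unsupported rule: %r" % rule)
        self.ifname = m.group(1)
        self.inside = ipaddress.ip_network(m.group(2))
        self.outside = m.group(3)
        self.protos = set(m.group(4).split("/"))
        self.ports = range(int(m.group(5)), int(m.group(6)) + 1)
        self.out_table = {}   # (proto, src ip, src port) -> external port
        self.in_table = {}    # (proto, external port) -> (src ip, src port)
        self.stats = {"in": 0, "out": 0, "added": 0}

    def outbound(self, ifname, proto, src, sport):
        """Return the (ip, port) the packet leaves with; unchanged if no match."""
        if (ifname != self.ifname or proto not in self.protos
                or ipaddress.ip_address(src) not in self.inside):
            return (src, sport)
        key = (proto, src, sport)
        if key not in self.out_table:
            port = next((p for p in self.ports
                         if (proto, p) not in self.in_table), None)
            if port is None:
                raise RuntimeError("portmap range exhausted")
            self.out_table[key] = port
            self.in_table[(proto, port)] = (src, sport)
            self.stats["added"] += 1
        self.stats["out"] += 1
        return (self.outside, self.out_table[key])

    def inbound(self, ifname, proto, dst, dport):
        """Rewrite a reply back to the internal host, or None if no session."""
        if ifname != self.ifname or dst != self.outside:
            return None
        hit = self.in_table.get((proto, dport))
        if hit:
            self.stats["in"] += 1
        return hit
```

In this model a packet that leaves on any interface other than `ppp0`, or from a source outside 192.156.206.0/24, passes through untranslated and leaves every counter at 0.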