Subject: Re: IP-NAT? NOT!
To: Christopher P. Gill <cpg@scs.howard.edu>
From: Frederick Bruckman <fb@enteract.com>
List: port-mac68k
Date: 08/10/1999 11:11:36

On Tue, 10 Aug 1999, Christopher P. Gill wrote:
> > My configuration "sorta" works (really frustrating, 'cuz the ip-nat
> > how-to sucks for info). I've got the router plugged into the uplink
> > port of the hub and my ae0 and sn0 cards plugged into normal ports on
> > the hub. Everything else is the same as you mention. What happens on
> > mine is that packets inbound from the internet to the LAN's fake IP's
> > get lost somewhere. Not all of the packets, just some, so big WWW pages
> > with images won't load completely but simple text pages will. I just
> > started reading the mapping rules pages so hopefully I can figure it out
> > within a few days...

You do have ipforwarding on, and an appropriate "default" route on the
NetBSD box?

fredb-> sysctl net.inet.ip.forwarding
net.inet.ip.forwarding = 1
fredb-> netstat -rn | grep -1 default -
Destination        Gateway            Flags     Refs     Use    Mtu  Interface
default            216.80.19.11       UGS         4     2864      -  ppp0
127.0.0.1          127.0.0.1          UH          2     2424      -  lo0

The 'NAT only rewrites addresses at the interfaces; it doesn't do any
routing. Just for grins, if you simply clear all the nat rules with
"ipnat -C", you should be able to detect, using 'tcpdump', all the
internal address spew on your default, external interface. I suspect
you have a routing problem, not a 'NAT problem.
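
The tcpdump check suggested above can be scripted. This is an added example, not part of the original message: it reads `tcpdump -n` text output and counts packets whose source is an RFC 1918 address. The function names and the sample capture lines are constructed for illustration.

```shell
#!/bin/sh
# Added example. Live use on the external interface, for instance:
#   tcpdump -n -c 200 -i ppp0 | private_sources

# Reads tcpdump -n lines on stdin; prints "count address" for each
# RFC 1918 source address seen, sorted by address.
private_sources() {
    awk '
    {
        # The source is the field just before the first ">".
        src = ""
        for (i = 2; i <= NF; i++) if ($i == ">") { src = $(i - 1); break }
        if (src == "") next
        # addr.port has five dot-separated parts, a bare addr has four.
        n = split(src, p, ".")
        if (n < 4) next
        for (k = 1; k <= 4; k++) if (p[k] !~ /^[0-9]+$/) next
        a = p[1] + 0; b = p[2] + 0
        if (a == 10 || (a == 172 && b >= 16 && b <= 31) || (a == 192 && b == 168)) {
            ip = p[1] "." p[2] "." p[3] "." p[4]
            seen[ip]++
        }
    }
    END { for (ip in seen) print seen[ip], ip }
    ' | sort -k2
}

# Constructed sample capture (not real traffic): with and without the
# "IP" keyword, one public source, one ICMP line with no port.
sample_capture() {
    cat <<'EOF'
11:11:36.000001 IP 192.168.1.2.1025 > 198.51.100.20.80: Flags [S], length 0
11:11:36.000002 IP 203.0.113.7.1026 > 198.51.100.20.80: Flags [S], length 0
11:11:36.000003 IP 192.168.1.2.1025 > 198.51.100.20.80: Flags [.], length 0
11:11:36.000004 10.0.0.5.2000 > 198.51.100.20.53: 1+ A? example.org. (29)
11:11:36.000005 IP 172.32.0.1 > 198.51.100.20: ICMP echo request, id 1, seq 1, length 64
EOF
}

sample_capture | private_sources
```

With the NAT rules cleared, private sources showing up on the external interface mean the box is forwarding and routing; an empty result points back at forwarding or the default route.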