Subject: Re: PPP on demand dial
To: Tom T. Thai <tomthai@future.net>
From: David Brownlee <abs@anim.dreamworks.com>
List: current-users
Date: 06/12/1997 09:56:13
    Brief notes on ipnat (revision 4 :)
    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

	Ipnat performs Network Address Translation (NAT), also known as
	IP-Masquerading for the less well informed.

	Ipnat is part of ipfilter, which is distributed with
	NetBSD -current, and can be added to a 1.2 or 1.2.1 setup.

        There is a webpage for ipfilter at:
                http://coombs.anu.edu.au/~avalon/ip-filter.html

	Assuming you can get a static address allocated by your ISP:

	a) Have a gateway host (eg: machine with ethernet and modem)
	b) Setup ppp on that machine so you can connect from it to the
	   internet (either on demand or on start of pppd).
	   (There are other FAQs describing how to do this :)
	c) Number your internal machines on a reserved network
	       (eg 10.x.x.x
		    ethernet address of gateway 10.0.0.1
		    ethernet address of 1st local host 10.0.0.2
		    etc)
	d) Ensure /etc/mygate on all other machines contains the
	   internal network address of the gateway (10.0.0.1)
	e) On the gateway:
	   Create an /etc/ipnat.conf file:
	   map ppp0 10.0.0.0/8 -> X.X.X.X/32 portmap tcp/udp 10000:20000
	       (Where X.X.X.X is the address of your ppp0 interface,)
	   Run 'ipnat -f /etc/ipnat.conf'.
           Run 'sysctl -w net.inet.ip.forwarding=1' (enable routing)

	Then just run pppd as normal, and try to telnet out or web browse
	from another local machine.

	Once you have this working you probably want to add the pppd
	startup, ipnat, and sysctl to the end of /etc/rc.local.
    	




- "It was at that point I realised there might be a chance for myself as a
-  caring human being. Unable to decide whether to feel hopeful or disgusted,
-  I chose both and opened a bottle of wine to celebrate"

On Thu, 12 Jun 1997, Tom T. Thai wrote:

> I want to put together a gateway/router machine at home and have 2 other 
> systems connected to it via ether.  The gateway machine has either one 
> static ip from my ISP or dynamic.  How can I setup the gateway machine 
> with NAT to dial on demand using PPP when one of the other system access 
> the net?
> 
> 
> ..............          ....................................
> Thomas T. Thai          Infomedia Interactive Communications
> tom@iic.net             TEL 612.376.9090 * FAX 612.376.9087
> 
>