Current-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Hair pinning with pf and NetBSD



On Wed, Nov 25, 2009 at 02:39:56PM -0500, Brian A. Seklecki (CFI NOC) wrote:
> Joerg Sonnenberger wrote:
> >On Wed, Nov 25, 2009 at 10:03:17AM -0500, Brian A. Seklecki wrote:
> >>See attached diagrams.  I think your customer is very very confused
> >>about TCP/IP, but anyway.
> >
> >Yeah. I think the easiest configuration is actually to just add the
> >public address of each machine as alias with /32 and use normal routing.
> 
> 1) Create a lo1 or alias on lo0 inteface with a /32 of the public
>    IP address
> 2) Create a static route on each machine, for the public /32, via the
>    private /32 (in the /24 or whatever)

Actually easier, just create the route on the former NAT box. For the
clients in the private network, it will send a redirect ICMP message, so
they will learn the route automatically.

Joerg


Home | Main Index | Thread Index | Old Index