Subject: Problems getting IPNAT to work
To: None <netbsd-help@NetBSD.ORG>
From: William O Ferry <WOFerry+@CMU.EDU>
List: netbsd-help
Date: 06/07/1998 02:14:10 
    I have had several machines working on my college's 10base-T network
for the past few years.  Now that I have graduated I would like to have
the machines work through a NetBSD (i386) box with a modem running
pppd/ipnat, but I seem to be having problems getting ipnat to work.

    The PPP dialup works just fine.  I can access any host on the 'net
from the dialup box.  However, on the internal network, I can only reach
the machines in the network (including the IP's for both the ethernet
and ppp interfaces on the dialup box).  I cannot get any farther than
that, however.  I have verified the routing information, the other
internal hosts think the gateway is the dialup box (it's ethernet IP),
the dialup has no default gateway, and pppd establishes the default
route as being to the address on the other end of the PPP line, as well
as a route to that IP via the local PPP IP address.

    I'm running ipnat as suggested in the multiple hosts -> one ppp IP
example.  It looks something like (not sure exactly, I'm not on my
NetBSD box right now):
map ppp0 192.168.42.0/24 -> (ppp ip)/32 udp/tcp 10000:40000
map ppp0 192.168.42.0/24 -> (ppp ip)/32
    (My internal machines are set to IP's from 192.168.42.XXX)
    And I verified the correctness of the map with ipnat -l.  However,
as I said nothing works from any machine other than the dialup box. 
Fingers, pings, nothing.

    Any suggestions as to what I'm doing wrong?  FWIW it's a 1.3.1
install with a 1.3E (-current) kernel on the i386 dialup box.  No
changes to /etc/rc.conf for ipnat, all of the code installing/removing
the ipnat filters is in my ppp up and down scripts.  Do I need to be
running other daemons, or have special kernel options or something to
get this to work?  Or are the kernel/binary versions a problem?  I'd
greatly appreciate any help.  Thanks in advance.

                                                          Will Ferry

------------------------------------------------------------------------
 William O Ferry  <woferry@CMU.EDU> | finger: woferry@Light.RES.CMU.EDU
 http://light.res.cmu.edu/~woferry/ | talk:   finger for online status
------------------------------------------------------------------------