Subject: NAT, Alpha, no luck
To: None <current-users@NetBSD.ORG>
From: William J. Coldwell <email@example.com>
Date: 05/05/1998 02:51:24
I am stumped at trying to have an Alpha do NAT. The weird thing is that I
can get it to get pings across from the internal network to the outside,
but nothing else (traceroute doesn't even work).
So, I offer unto thee, the following:
NetBSD-1.3.1 GENERIC on a Digital Multia 166MHz (oh the pain!)
de0 is the external network (208.163.50.xxx)
de1 is the internal network (192.168.1.1)
IPFILTER=ON (had to touch /etc/ipf.conf to make it happy)
sysctl -w net.inet.ip.forwarding=1
ipnat -f /etc/nat.rules
map de0 192.168.1.0/24 -> 0/32 portmap tcp/udp 1024:65535
map de0 192.168.1.0/24 -> 0/32
I can ping anywhere from the internal machines. Everything fails,
including resolving to the nameservers outside of the internal network.
ipnat -l shows the 'right things' with mappings, and with things like me
trying to resolv something.. I see port 53 from the nameserver, to the
internal machine.. but it doesn't appear _at_ the internal machine (like
it's not getting transmitted across de1).
Is ipf/nat 64bit clean? Am I missing something obvious? Something
non-obvious that the wonderful complete and cleverly-written documentation
did not point out?