port-i386: RE: NAT Trouble

Subject: RE: NAT Trouble
To: Calvin Vette (IT- Borders Online) <CVETTE@borders.com>
From: Brad Salai <bsalai@tmonline.com>
List: port-i386
Date: 10/22/1998 15:06:54
Would you be willing to post, or point to information on how you got a
connection to a cable modem up? I am interested, and I know many others are
as well. In our area, the cable modem provider is Time Warner, (Road Runner)

Thanks

Brad

At 1:59 PM -0400 10/22/98, Calvin Vette (IT- Borders Online) wrote:
>I had a similar problem with 1.3.1/1.3.2 with a cable modem and an internal
>Ethernet network. I just upgraded to current, but haven't finished the
>configuration yet. Is the patch you're talking about included in
>current-981008?
>
>> ----------
>> From: 	Scott Bartram[SMTP:scottb@orionsoft.com]
>> Sent: 	Thursday, October 22, 1998 1:24 PM
>> To: 	James Snow
>> Cc: 	port-i386@netbsd.org
>> Subject: 	Re: NAT Trouble
>>
>>
>> Is your setup such that outbound packets are sent via the PPP (serial
>> port) link and inbound packets are received on the cable modem? If so, you
>> need to patch the NAT code in the kernel. Let me know what version of
>> NetBSD you're running and I'll send you a patch.
>>
>> scott
>>
>> On Thu, 22 Oct 1998, James Snow wrote:
>>
>> >
>> > Thanks to everyone who helped me with my com port/modem problem. I've
>> > subsequently set up PPP without a hitch, but following the directions
>> for
>> > NAT has got me stumped.
>> >
>> > I've got ipfilter compiled into the kernel., and I have it enabled in
>> > /etc/rc.conf. I have an empty /etc/ipf.conf, the following in
>> > /etc/netstart.local:
>> >
>> >    if [ -f /etc/ipnat.conf ]; then
>> >                   echo 'starting IP network address translation
>> (ipnat)...';
>> >                   /usr/sbin/ipnat -f /etc/ipnat.conf
>> >         fi
>> >
>> > and the following in /etc/ipnat.conf:
>> >
>> > map ppp0 10.0.0.0/24 -> 0/32 portmap tcp/udp 40000:60000
>> > map ppp0 10.0.0.0/24 -> 0/32
>> >
>> > I'm a little confused about those numbers following the portmap command.
>> > Do they represent the range of ports that the machine will resend NATed
>> > packets from or the range of ports that a packet to be NATed must be
>> > coming from?
>> >
>> > Back to the NAT problem though, with the above setup and one of the
>> other
>> > machines here set to use the NetBSD box as its gateway, nothing happens.
>> > The output of ipnat -ls remains as follows:
>> >
>> > mapped  in      0       out     0
>> > added   0       expired 0
>> > inuse   0
>> > rules   2
>> > List of active MAP/Redirect filters:
>> > map ppp0 10.0.0.0/24  -> 0.0.0.0/32  portmap tcp/udp 40000:60000
>> > map ppp0 10.0.0.0/24  -> 0.0.0.0/32
>> >
>> > List of active sessions:
>> >
>> > I can verify with tcpdump that the client machine is indeed making
>> > requests and they are making it to the gateway, but the NAT doesn't seem
>> > to see tem at all.
>> >
>> > Anyone have any ideas?
>> >
>> >
>> > Thanks in advance,
>> > James Snow
>>


Stephen B. Salai                            Phone (716) 325-5553
Cumpston & Shaw                             Fax    (716) 262-3906
Two State Street                            email bsalai@tmonline.com
Rochester, NY 14614