On Sun, 5 Nov 2000, Bob Nestor wrote:

> David A. Gatwood wrote:
> 
> > It looks like the NAT just will not work
> >at all with aliases on different networks, but the same interface.
> 
> On what version of NetBSD?  I've been doing this with 1.4 and 1.4.2 on 
> mac68k and sparc without a problem.

hmm... 1.4L, "GENERIC #0", not sure where that's from.


> My ISP dynamically assigned address comes in on le0 (on the Sparc).  I've 
> created an in-house net using 192.168.1.x which I run NAT on.  The trick 
> with one ethernet interface is to make sure the system with the ISP 
> address doesn't NAT it's internal packets.

That's not the issue here, though.  I'm not trying to do NAT with data
coming in and going out the same interface.  I'm trying to do NAT with two
"internal" networks coming in form the same interface (ae2), but the
outside world on a different interface (sn0 and ae1)

Outgoing 1: sn0: local traffic, masqueraded 10 network traffic
outgoing 2: ae1: masqueraded 192 network traffic
incoming 1: ae2: 10 and 192 network traffic....

Having two networks both coming from the same interface, both of which
need to be masqueraded before they leave the box appears to cause trouble.

If I have to, I guess I could rewire it so that all the traffic goes out
sn0 and so that ae1 is 10.0.0.1 (router for 10 network) and ae2 is
192.168.0.1 (router for 192 network), but I'd rather the 192 network
traffic go out a different interface if that's possible....  :-)


Later,
David

---------------------------------------------------------------------
                    Check out my weekly web comic:
                     http://www.techmagazine.org