Policy Routing / NAT Question

Ryan Wilkins ryan at deadfrog.net
Wed Jun 11 14:22:05 PDT 2003


Hi.. thanks for your response.. it did exactly what I needed.  I tried
some of the other solutions provided earlier in the day and ended up
locking up a machine 340 miles away from here which is a good 6-7 hour
drive from where I am currently.

Thanks again,
Ryan Wilkins


On Wed, 2003-06-11 at 14:15, Ruslan Ermilov wrote:
> On Wed, Jun 11, 2003 at 08:55:53AM -0400, Ryan Wilkins wrote:
> > Hello..
> > 
> > I'm setting up a TCP protocol testbed for testing various enhanced TCP
> > stacks for use over high bandwidth, high latency links such as
> > Satellite.  Due to hardware limitations of the FreeBSD boxes we're using
> > (1U rackmount), there are no expansion slots left for additional network
> > cards.  This forces me to have to run some traffic over one gateway and
> > the rest of the traffic over another gateway, all through one ethernet. 
> > The problem I have is I need to change the source address of some
> > packets based on destination address.  I was able to accomplish this in
> > Linux using Source NAT.  I'm not real well versed in FreeBSD hence the
> > reason I'm asking for any assistance here.  Does anyone have an idea how
> > to change the source address based on destination address?
> > 
> If all of these possible source addresses belong to the same interface of
> the box in question (it's unclear from your message), this can be done
> with route(8).  For example:
> 
> # ifconfig rl0 inet
> rl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
>         inet 192.168.4.115 netmask 0xffffff00 broadcast 192.168.4.255
>         inet 10.0.0.1 netmask 0xff000000 broadcast 10.255.255.255
>         inet 10.0.0.2 netmask 0xffffffff broadcast 10.0.0.2
> # route add -net 11 10.0.0.3
> add net 11: gateway 10.0.0.3
> # route add -net 12 -ifa 10.0.0.2 10.0.0.4
> add net 12: gateway 10.0.0.4
> 
> The route to the network 12 says to use 10.0.0.2 as the source
> address when sending anonymous (with unfilled source address)
> datagrams.
> 
> But if you need to change the traffic originated from other
> hosts on your box, there are several NAT solutions for you.
> 
> 
> Cheers,
-- 
Ryan Wilkins <ryan at deadfrog.net>
Deadfrog Networking Systems
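
Added example, not part of the original thread: a way to check which source address the kernel selects for an unbound socket to a given destination, which is what the `-ifa` route in the quoted reply controls. The destination `12.0.0.1` is a constructed address inside net 12, and the function names are hypothetical.

```python
import socket


def kernel_source_for(dst, port=9):
    """Return the source address the kernel picks for an unbound socket to dst.

    connect() on a UDP socket transmits nothing; it performs the route
    lookup and fixes the local address, which getsockname() then reports.
    A socket that was bound to an address beforehand keeps that address,
    so only "anonymous" (unbound) senders are affected by the route.
    """
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        try:
            s.connect((dst, port))
        except OSError:
            return None  # no usable route to dst
        return s.getsockname()[0]


def check_sources(expected):
    """Compare kernel choices against {destination: expected_source}.

    Returns a list of (destination, expected, actual) for every mismatch.
    """
    mismatches = []
    for dst, want in expected.items():
        got = kernel_source_for(dst)
        if got != want:
            mismatches.append((dst, want, got))
    return mismatches


if __name__ == "__main__":
    # Constructed expectation taken from the quoted route commands:
    # traffic to net 12 should leave with source 10.0.0.2.
    expected = {"12.0.0.1": "10.0.0.2"}
    problems = check_sources(expected)
    for dst, want, got in problems:
        print(f"{dst}: expected source {want}, kernel chose {got}")
    if not problems:
        print("source address selection matches the routing table")
```

Because nothing is sent on the wire, this can be run on a remote box right after a `route add` to confirm the change before any test traffic depends on it.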



More information about the freebsd-hackers mailing list