Multiple NAT router

Sten Daniel Sørsdal lists at wm-access.no
Sun Jul 23 23:51:21 UTC 2006


Brett Glass wrote:
> I have an application in which I'd like a FreeBSD router to have
> multiple, isolated LANs attached to it, each with the same address
> space. The FreeBSD box would take the place of multiple NAT routers.
> 

Normally I'd point and laugh, but your ... unusual ... problem got me
thinking. Since I wouldn't be supporting this and all. ;-)

A captive type portal technique could probably do it. But that's only if
you're willing to code a complex application.

How about using netgraph (ng_nat) to do 1:n translation, making for example:
net1: 192.168.0.0/24 -> 10.0.0.1
net2: 192.168.0.0/24 -> 10.0.0.2
net3: 192.168.0.0/24 -> 10.0.0.3

Then I assume you would want to NAT the resulting 10.0.0.x addresses
again by using ... ng_nat?
I haven't tried anything like that myself and I haven't checked if it's
actually possible. You would probably employ proxy ARP to reply to ARP
queries for the gateway address. Perhaps you have three public addresses
to use, reducing complexity a bit. man ng_nat(4) has an example that
could help you with the syntax (the hdlc one).

If all fails then perhaps marking the packets could help you
differentiate them somehow.

-- 
Sten Daniel Sørsdal
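
Added example, not part of the original post and not an ng_nat configuration: a small Python model of the mapping proposed above, where each LAN gets its own 1:n NAT instance behind a distinct alias address, showing why replies reach the right LAN even though the inside addresses collide. The class names, LAN labels, host address and port numbers are assumptions made for illustration.

```python
# Constructed model of per-LAN 1:n NAT; it does not configure netgraph.

class LanNat:
    """One NAT instance per LAN: all inside hosts share one alias address."""

    def __init__(self, lan, alias, first_port=20000):  # port base is assumed
        self.lan, self.alias, self.next_port = lan, alias, first_port
        self.out = {}    # (inside_ip, inside_port) -> alias_port
        self.back = {}   # alias_port -> (inside_ip, inside_port)

    def translate_out(self, src_ip, src_port):
        key = (src_ip, src_port)
        if key not in self.out:              # allocate state on first packet
            self.out[key] = self.next_port
            self.back[self.next_port] = key
            self.next_port += 1
        return self.alias, self.out[key]


class Router:
    """Selects the NAT instance by ingress LAN outbound, by alias inbound."""

    def __init__(self, aliases):             # {lan label: alias address}
        self.by_lan = {lan: LanNat(lan, a) for lan, a in aliases.items()}
        self.by_alias = {n.alias: n for n in self.by_lan.values()}

    def outbound(self, lan, src_ip, src_port):
        return self.by_lan[lan].translate_out(src_ip, src_port)

    def inbound(self, dst_ip, dst_port):
        nat = self.by_alias.get(dst_ip)
        if nat is None or dst_port not in nat.back:
            return None                      # no state: drop, never guess a LAN
        return (nat.lan,) + nat.back[dst_port]


def demo():
    # Networks and aliases are from the post; host .10 and port 5000 are constructed.
    r = Router({"net1": "10.0.0.1", "net2": "10.0.0.2", "net3": "10.0.0.3"})
    a = r.outbound("net1", "192.168.0.10", 5000)
    b = r.outbound("net2", "192.168.0.10", 5000)   # same inside address
    return a, b, r.inbound(*a), r.inbound(*b), r.inbound("10.0.0.3", 20000)


if __name__ == "__main__":
    print(demo())
```

The isolation between LANs rests entirely on the alias address: a reply is delivered only to the LAN whose instance holds matching state, and a packet with no state is dropped.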


