How to connect laptop and desktop w/NICs

David Kelly dkelly at hiwaay.net
Sun Apr 13 09:27:47 PDT 2003


On Sun, Apr 13, 2003 at 12:04:12PM -0400, taxman wrote:
> 
> from rc.conf(5) it doesn't seem that gateway_enable starts natd.  Then what is 
> the difference?
> I'm a networking moron and in a similar situation as Jonathon, and I was 
> wondering which options to use.

A good way to learn what gateway_enable, or any other rc.conf parameter
does is to trace their usage. I start with grep to locate the files the
parameter is used in:

% grep gateway_enable /etc/rc.*
/etc/rc.network:        case ${gateway_enable} in
/etc/rc.network:        case ${ipxgateway_enable} in
/etc/rc.network6:       case ${ipv6_gateway_enable} in
/etc/rc.network6:       case ${ipv6_gateway_enable} in
/etc/rc.network6:       case ${ipv6_gateway_enable} in
/etc/rc.network6:       case ${ipv6_gateway_enable} in
/etc/rc.network6:                               case ${ipv6_gateway_enable} in
/etc/rc.network6:               case ${ipv6_gateway_enable} in
%

Can rule out rc.network6 as IPv6 isn't very common. So we find in
/etc/rc.network that this is all gateway_enable does:

        case ${gateway_enable} in
        [Yy][Ee][Ss])
                echo -n ' IP gateway=YES'
                sysctl net.inet.ip.forwarding=1 >/dev/null
                ;;
        esac

Notice the sysctl variable set says "IP forwarding". By setting this
variable the kernel is told when an incoming packet arrives on one
interface asking for relay, that the kernel's TCP/IP stack is allowed to
honor the request.

For your FreeBSD machine to function as desired when you list it as the
default router on your inside hosts, you need
sysctl net.inet.ip.forwarding=1

natd is another animal. With natd your FreeBSD system re-writes the
packets it forwards to the outside using its own public IP address. And
then undoes the modifications on appropriate incoming packets when
forwarding to the inside. To do so it has to track the outgoing
connections in order to know where incoming replies should be sent.

Plain old "gatewaying/routing" doesn't re-write the IP addresses.

-- 
David Kelly N4HHE, dkelly at hiwaay.net
=====================================================================
The human mind ordinarily operates at only ten percent of its
capacity -- the rest is overhead for the operating system.
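
Added example, not part of the original message: a small audit script that reads rc.conf-style files and reports whether the host is configured as a plain router, a NAT gateway, or neither, using the same yes-test that rc.network applies. The function names are illustrative, natd_enable is the rc.conf(5) knob for natd and is not named in the message, and the sample file contents are constructed.

```shell
#!/bin/sh
# Added example: audit rc.conf-style files for the two settings discussed above.

# Print the effective value of one rc.conf variable (the last assignment wins).
# The name is anchored so gateway_enable does not also match
# ipxgateway_enable or ipv6_gateway_enable, as the plain grep did.
rc_value() {
    var=$1; shift
    cat "$@" 2>/dev/null |
        sed -n "s/^[[:space:]]*${var}=[\"']\{0,1\}\([^\"'#[:space:]]*\).*/\1/p" |
        tail -n 1
}

# Same test rc.network applies: any capitalisation of "yes".
is_yes() {
    case $1 in
    [Yy][Ee][Ss]) return 0 ;;
    *) return 1 ;;
    esac
}

# Classify the host from its configuration files.
routing_role() {
    gw=$(rc_value gateway_enable "$@")
    nat=$(rc_value natd_enable "$@")
    if is_yes "$gw" && is_yes "$nat"; then echo "nat-gateway"
    elif is_yes "$gw"; then echo "plain-router"
    elif is_yes "$nat"; then echo "natd-without-forwarding"
    else echo "host-only"
    fi
}

# Constructed sample input, not taken from a real host.
sample=$(mktemp)
cat > "$sample" <<'EOF'
ipxgateway_enable="YES"
gateway_enable="NO"
natd_enable="YES"      # constructed
gateway_enable="Yes"
EOF
routing_role "$sample"   # nat-gateway
```

On a host that is not meant to route, any result other than host-only is worth following up by comparing against the running value of net.inet.ip.forwarding.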

