natd with several alias IPs
Iantcho Vassilev
ianchov at gmail.com
Thu Feb 16 13:57:20 PST 2006
That`s how i do it with PF!!!
<Freebsd>
nat on ed0 proto {tcp udp icmp} from 10.10.xx.xx to any -> 172.16.xx.xx
# Rule 2 (NAT)
#
#
nat on ed0 proto {tcp udp icmp} from 10.10.xx.xx to any -> 172.16.xx.xx
#
# Rule 3 (NAT)
#
#
nat on ed0 proto {tcp udp icmp} from 10.10.xx.xx to any -> 172.16.xx.xx
#
# Rule 4 (NAT)
#
#
nat on ed0 proto {tcp udp icmp} from 10.10.xx.xx to any -> 172.16.xx.xx
------>
Where ed0 is the interface with the alias..
As performace i can say that`s its scalling very well. Because of the nature
of PF and the options you can set(to be more aggressive or not ) i don`t
have problems with overheat.
On 2/16/06, Andrew Pantyukhin <infofarmer at gmail.com> wrote:
>
> On 2/16/06, Chuck Swiger <cswiger at mac.com> wrote:
> > Andrew Pantyukhin wrote:
> > > I wonder, what tricks do you use to use more than
> > > one alias IP? I mean, if you have hundreds of
> > > hosts behind your firewall, what can you do to alias
> > > some of them to one ip, others to another and so on.
> >
> > See "man natd" about the following options for 1-to-1 NAT translation,
> which can
> > be put into /etc/natd.conf and processed automagicly when the machine
> boots:
> >
> > -redirect_address localIP publicIP
>
> That's one trick. Do you use it in production? How many
> hosts do you have mapped this way? How do you get
> incoming traffic translated to the address it is meant
> for, not the last address?
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "
> freebsd-questions-unsubscribe at freebsd.org"
>
More information about the freebsd-questions
mailing list