Policy Routing / NAT Question

Vlad GALU vladg at vipnet.ro
Wed Jun 11 06:00:43 PDT 2003


On 11 Jun 2003 08:55:53 -0400
Ryan Wilkins <ryan at deadfrog.net> wrote:

> Hello..
> 
> I'm setting up a TCP protocol testbed for testing various enhanced TCP
> stacks for use over high bandwidth, high latency links such as
> Satellite.  Due to hardware limitations of the FreeBSD boxes we're
> using(1U rackmount), there are no expansion slots left for additional
> network cards.  This forces me to have to run some traffic over one
> gateway and the rest of the traffic over another gateway, all through
> one ethernet. The problem I have is I need to change the source
> address of some packets based on destination address.  I was able to
> accomplish this in Linux using Source NAT.  I'm not real well versed
> in FreeBSD hence the reason I'm asking for any assistance here.  Does
> anyone have an idea how to change the source address based on
> destination address?
> 
yes.

in the ipnat configuration file you should write something like this:

map <interface> from <source> to <destination> -> <nat address>

one thing though ... I've noticed the kernel trying to send the packets
on the default gateway, no matter what the <nat address> was. So I
used ipfw as well, for policy routing of nat'ed packets. I might have
done something wrong as well, I really don't know, but searching
the newsgroups archives I found no answer at all, and this seemed
to be the only option.


> Thanks in advance for any help.
> 
> Ryan Wilkins
> 
> _______________________________________________
> freebsd-hackers at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
> To unsubscribe, send any mail to
> "freebsd-hackers-unsubscribe at freebsd.org"
> 


-- 
Vlad GALU
Network Administrator VipNET Bucharest
tel: 021/3039940
email: vladg at vipnet.ro
web: http://www.vipnet.ro
PGP: http://mirapoint.vipnet.ro/public_key.pgp

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-hackers/attachments/20030611/0ba84308/attachment.bin


More information about the freebsd-hackers mailing list