Policy Routing / NAT Question

Ruslan Ermilov ru at freebsd.org
Wed Jun 11 11:15:54 PDT 2003


On Wed, Jun 11, 2003 at 08:55:53AM -0400, Ryan Wilkins wrote:
> Hello..
> 
> I'm setting up a TCP protocol testbed for testing various enhanced TCP
> stacks for use over high bandwidth, high latency links such as
> Satellite.  Due to hardware limitations of the FreeBSD boxes we're using
> (1U rackmount), there are no expansion slots left for additional network
> cards.  This forces me to have to run some traffic over one gateway and
> the rest of the traffic over another gateway, all through one ethernet. 
> The problem I have is I need to change the source address of some
> packets based on destination address.  I was able to accomplish this in
> Linux using Source NAT.  I'm not real well versed in FreeBSD hence the
> reason I'm asking for any assistance here.  Does anyone have an idea how
> to change the source address based on destination address?
> 
If all of these possible source addresses belong to the same interface of
the box in question (it's unclear from your message), this can be done
with route(8).  For example:

# ifconfig rl0 inet
rl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        inet 192.168.4.115 netmask 0xffffff00 broadcast 192.168.4.255
        inet 10.0.0.1 netmask 0xff000000 broadcast 10.255.255.255
        inet 10.0.0.2 netmask 0xffffffff broadcast 10.0.0.2
# route add -net 11 10.0.0.3
add net 11: gateway 10.0.0.3
# route add -net 12 -ifa 10.0.0.2 10.0.0.4
add net 12: gateway 10.0.0.4

The route to the network 12 says to use 10.0.0.2 as the source
address when sending anonymous (with unfilled source address)
datagrams.

But if you need to change the traffic originated from other
hosts on your box, there are several NAT solutions for you.


Cheers,
-- 
Ruslan Ermilov		Sysadmin and DBA,
ru at sunbay.com		Sunbay Software Ltd,
ru at FreeBSD.org		FreeBSD committer
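
Added example, not part of the original message: a Python check of which source address the kernel fills in for an unbound ("anonymous") datagram to a given destination, useful for confirming that a route such as the -ifa one above took effect. The function names and the destination 12.0.0.1 (a constructed host inside net 12) are assumptions.

```python
import socket


def selected_source(dest, bind_addr=None, port=9):
    """Return the local address the kernel uses for UDP datagrams to dest.

    connect() on a UDP socket sends nothing; it only makes the kernel do
    the route lookup and fill in the source address, which getsockname()
    then reports. Returns None when the bind or the route lookup fails.
    """
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        try:
            if bind_addr is not None:
                # Source already filled in, so the route's address is not used.
                s.bind((bind_addr, 0))
            s.connect((dest, port))
        except OSError:
            return None
        return s.getsockname()[0]


def audit(expected):
    """expected maps destination -> source address the routes should yield.

    Returns {destination: actual source} for every destination whose
    kernel-selected source differs from the expected one.
    """
    mismatches = {}
    for dest, want in expected.items():
        got = selected_source(dest)
        if got != want:
            mismatches[dest] = got
    return mismatches


if __name__ == "__main__":
    # Constructed expectations. With the routes from the message, traffic
    # to 12.0.0.1 should leave with source 10.0.0.2; on a host without
    # those routes the entry is reported as a mismatch.
    policy = {"127.0.0.1": "127.0.0.1", "12.0.0.1": "10.0.0.2"}
    for dest, got in audit(policy).items():
        print(f"{dest}: expected {policy[dest]}, kernel chose {got}")
```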