Multiple natd and inbound web traffic
Tony Frank
tfrank at optushome.com.au
Tue Mar 9 03:27:51 PST 2004
Hi there,
On Mon, Mar 08, 2004 at 11:14:17PM -0800, asd ads wrote:
> I have the following setup below. A FreeBSD 4.9
> machine with 3 nics fxp0, fxp1 and ed0. Fxp0 is
> connected to my DSL connection, fxp1 is connected to
> my Cable connection and ed0 is my internal network.
>
>
>  xx.xx.12.1           yy.yy.34.1
>  ---------             -------
>  |  DSL  |             |Cable|
>  ---------             -------
>      |                    |
>       \                  /
>        \                /
>         \              /
>          \            /
>           \          /
>      fxp0  |        |  fxp1
>      .12.2 |        | .34.2
>            |        |
>        -----------------
>        |      FW       |
>        | Default route |
>        |  xx.xx.12.1   |
>        |               |
>        -----------------
>                |
>                |ed0
>                |192.168.200.1
>                |
>                |
>              -----
>              |   |
>              |   |  Web Server
>              |   |  192.168.200.10:80
>              |   |
>              -----
>
> What I'm trying to do:
>
> Need to have inbound web traffic (from both
> connections) forward to the same internal web server.
>
> Problem:
>
> When a web connection is made to xx.xx.12.2:80(DSL),
> its nated to 192.168.200.10:80(websrv) and then back
> to the client(all is well at this point).
>
> The problem occurs when a connection is made to
> yy.yy.34.2:80(cable), it's nated with the second
> instance of nat to 192.168.200.10:80(websrv) but when
> it tries to respond back to the client the default
> route forces it back thru the first connection.
>
> Does anyone have a good example of a fwd & divert
> rules that would help with this issue?
Since you seem to have the nat going ok, you might just
want to try something like this:
<natd etc>
02100 fwd xx.xx.12.1 ip from xx.xx.12.2 to any
02200 fwd yy.yy.34.1 ip from yy.yy.34.2 to any
Similar kind of thing works for my environment, though
I am not doing exactly the same thing.
Regards,
Tony