IPFW NATD = NAT POOL
Phil Regnauld
regnauld at catpipe.net
Thu Sep 22 01:39:52 PDT 2005
Nate Nielsen (nielsen-list) writes:
> No. I think each instance of natd (at least last time I looked at it)
> could only use one IP address as its public address.
One could use probability rules to divert to different natds with
different NAT addresses, and use choparp / aliases to get the traffic
back. So:
    divert 10001 ip from <inside> to any prob 0.25 via <extif>
    (appropriate skiptos)
    divert 10004 ip from <inside> to any prob 0.25 via <extif>
    ...
    divert 10001 ip from any to 1.2.3.4 in via <extif>
    divert 10002 ip from any to 1.2.3.5 in via <extif>
    ...
Then
    natd -alias_address 1.2.3.4 -p 10001
    natd -alias_address 1.2.3.5 -p 10002
    natd -alias_address 1.2.3.6 -p 10003
    natd -alias_address 1.2.3.7 -p 10004
    ...
+ relevant ifconfig alias or choparp to force traffic your way
when someone ARPs for the additional "pool" addresses.
Gross, eh ? :)
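
Added example, not part of the message above: a shell function that prints (does not run) the full rule set for such a pool. ipfw tests each `prob` rule on its own and in order, so for an even split the k-th of N outbound rules gets 1/(N-k+1), with the last at 1 so that nothing leaves untranslated. The inside network 192.168.0.0/24, interface em0, the rule numbers and the `out` keyword are assumptions; the skiptos are left out.

```shell
#!/bin/sh
# Added example: print the ipfw/natd commands for a natd "pool".
# Rule numbers, inside network and interface name are constructed values.

# natd_pool_rules INSIDE_NET EXT_IF FIRST_PORT FIRST_RULE ADDR...
natd_pool_rules() {
    inside=$1 extif=$2 port=$3 rule=$4
    shift 4
    left=$#                     # pool addresses not yet given a rule

    # Outbound: each rule rolls "prob" independently, in rule order, so
    # the rule for a given address must match 1/(addresses left).
    p=$port r=$rule
    for addr in "$@"; do
        prob=$(awk -v l="$left" 'BEGIN { printf "%.4f", 1 / l }')
        echo "ipfw add $r prob $prob divert $p ip from $inside to any out via $extif"
        left=$((left - 1)); p=$((p + 1)); r=$((r + 10))
    done

    # Inbound: replies are steered by destination to the natd owning it.
    p=$port
    for addr in "$@"; do
        echo "ipfw add $r divert $p ip from any to $addr in via $extif"
        p=$((p + 1)); r=$((r + 10))
    done

    # One natd per pool address, each on its own divert port.
    p=$port
    for addr in "$@"; do
        echo "natd -alias_address $addr -p $p"
        p=$((p + 1))
    done
}

# Pool addresses and divert ports as in the message; the rest is assumed.
natd_pool_rules 192.168.0.0/24 em0 10001 1000 1.2.3.4 1.2.3.5 1.2.3.6 1.2.3.7
```

`prob` is decided per packet, not per connection, so packets of one flow can reach different natd instances and leave with different source addresses.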