IPNAT... internal server what-to-do

[keith at smmc.qld.edu.au]

Thanks Mark,
The gateway is a dns server so I guess that is not a caching dns server.
I have a 4.7 system squid proxy machine on the inside which is the gateway
for the lan (then its gateway is the firewall)
Can I install the caching dns on it maybe?
Hints?
Thanks again (yet again Freebsd questions people rock)
Keith

> On Wednesday 09 July 2003 01:23 pm, keith at smmc.qld.edu.au wrote:
>> Hi all.
>> On my 4.7 system, I have ipfilter and ipnat.
>> I have several "live" ips aliased to my external ADSL interface. Some
>> of these are mapped into private internal ips. So far so good. All
>> works fine from outside. But if I want to reach one of the internal
>> servers from inside...eg www.smmc.qld.edu.au...the client  hangs
>> looking. Here are some of my rules:
>> ======8< snip=============================
>>
>> map fxp0 10.0.0.0/21 -> 0/32  # <---OK maps internal getting out fine!
>>
>> #www server
>> rdr fxp0 210.15.203.195/32 port 80 -> 10.0.0.7 port 80
>> rdr dc0  210.15.203.195/32 port 80 -> 10.0.0.7 port 80 #<---No worky!
>>
>> ======8< snip=============================
>> I can figure there is a problem with this but dont have a clue how to
>> fix it I want to use fqdns inside not local ip addrs. It is more
>> convenient for users. BTW the ip address works fine...just the rdr or
>> lookup stuff is faulty
>
> There isn't really a way to do this currently.  (that was with 3.4.16 as
> I  remember perhaps support has been added now) because ipnat redirects
> from the  _outside_ interface to the inside and you want the inside
> reflected back  inside.  Not what it's meant to do.
>
> The easiest thing I can think of is to create a dummy dns entry on the
> local  machines or the caching dns server (if you have one) that points
> to the  10.0.0.7 address.
>
> -Mark