pppd and NAT
Joshua Lokken
joshua.lokken at gmail.com
Tue Dec 28 12:45:25 PST 2004
On Tue, 28 Dec 2004 23:33:28 +0300, Igor Pokrovsky <ip at doom.homeunix.org> wrote:
> On Tue, Dec 28, 2004 at 11:07:32PM +0300, Igor Pokrovsky wrote:
> > Does anyone knows if it's possible to do NAT with pppd.
> > I know it's possible with ppp, but pppd didn't reveal me any clue.
>
> Sorry for replying to my own message. I found the solution -
> it is possible to use natd and ipfw to do the job.
> If anyone is interested I can send complete solution.
Also, from man ppp(8):
The -nat flag does the equivalent of a ``nat enable yes'', enabling ppp's
network address translation features. This allows ppp to act as a NAT or
masquerading engine for all machines on an internal LAN. Refer to
libalias(3) for details on the technical side of the NAT engine. Refer
to the NETWORK ADDRESS TRANSLATION (PACKET ALIASING)
section of this manual page for details on how to configure NAT in ppp.
[snip] and...
Supports NAT or packet aliasing. Packet aliasing (a.k.a. IP masquerad-
ing) allows computers on a private, unregistered network to access the
Internet. The PPP host acts as a masquerading gateway. IP addresses
as well as TCP and UDP port numbers are NAT'd for outgoing packets
and de-NAT'd for returning packets.
[snip] and...
NETWORK ADDRESS TRANSLATION (PACKET ALIASING)
The -nat command line option enables network address translation (a.k.a.
packet aliasing). This allows the ppp host to act as a masquerading
gateway for other computers over a local area network. Outgoing IP pack-
ets are NAT'd so that they appear to come from the ppp host, and incoming
packets are de-NAT'd so that they are routed to the correct machine on
the local area network. NAT allows computers on private, unregistered
subnets to have Internet access, although they are invisible from the
outside world....
So, you can do NAT with ppp, as well ;) HTH,
--
Joshua Lokken
Open Source Advocate
More information about the freebsd-questions
mailing list