pppd and NAT

[Joshua Lokken]

On Tue, 28 Dec 2004 23:33:28 +0300, Igor Pokrovsky <ip at doom.homeunix.org> wrote:
> On Tue, Dec 28, 2004 at 11:07:32PM +0300, Igor Pokrovsky wrote:
> > Does anyone knows if it's possible to do NAT with pppd.
> > I know it's possible with ppp, but pppd didn't reveal me any clue.
> 
> Sorry for replying to my own message. I found the solution -
> it is possible to use natd and ipfw to do the job.
> If anyone is interested I can send complete solution.

Also, from man ppp(8):

The -nat flag does the equivalent of a ``nat enable yes'', enabling ppp's
     network address translation features.  This allows ppp to act as a NAT or
     masquerading engine for all machines on an internal LAN.  Refer to
     libalias(3) for details on the technical side of the NAT engine.  Refer
     to the NETWORK ADDRESS TRANSLATION (PACKET ALIASING) 
     section of this manual page for details on how to configure NAT in ppp.

[snip] and...

Supports NAT or packet aliasing.  Packet aliasing (a.k.a. IP masquerad-
     ing) allows computers on a private, unregistered network to access the
     Internet.  The PPP host acts as a masquerading gateway.  IP addresses 
     as well as TCP and UDP port numbers are NAT'd for outgoing packets 
     and de-NAT'd for returning packets.

[snip] and...

NETWORK ADDRESS TRANSLATION (PACKET ALIASING)
     The -nat command line option enables network address translation (a.k.a.
     packet aliasing).	This allows the ppp host to act as a masquerading
     gateway for other computers over a local area network.  Outgoing IP pack-
     ets are NAT'd so that they appear to come from the ppp host, and incoming
     packets are de-NAT'd so that they are routed to the correct machine on
     the local area network.  NAT allows computers on private, unregistered
     subnets to have Internet access, although they are invisible from the
     outside world....

So, you can do NAT with ppp, as well ;)   HTH,

-- 
Joshua Lokken
Open Source Advocate