NAT/DNS question/recommendation?

Erik Norgaard norgaard at locolomo.org
Wed Jan 19 04:26:38 PST 2005 

Tom Huppi wrote:
> I have a FreeBSD 5.3 workstation connected to the net via user-ppp
> with a dynamic IP.  I have user-ppp doing both NAT and simple
> firewall.
> 
> I have a headless server box, also 5.3, set up as a NAT client.
> I run it only when I need the horsepower since it's loud and sucks
> power.
> 
> My problem is that the NAT client acts funny.  It makes the
> gateway/workstation box dial up when I attempt to automount from
> it for example.  Also I've had troubles with ssh delays.  I'm
> pretty sure that what is happening is that it wants to use DNS to
> resolve names sometime even though all that it needs _should_ be
> in the /etc/hosts file (and nsswitch.conf lists files first.)
> 
> On the NAT client, I have my defaultrouter set to the NAT server's
> IP (in the 172.16 range.)  Also I have my ISP's dns server in
> /etc/resolv.conf.  I can't seem to make things work well any other
> way.
> 
> Can someone recommend a better setup to aviod my problems, or
> suggest that I should _not_ be having these problems with this
> setup and that something else in my setup must be wrong?
> 
> A long, long time ago, I set up a caching-only DNS server on a
> gateway box 'for the fun of it.' If there is not a simpler
> solution, I'll do it again (though the fun has worn off), but I
> thought I'de ask here first.
> 
> BTW, I have done some research on this, but really didn't find
> that many specific details about NAT client
> configuration...possibly I just didn't look hard enough.

Maybe you are searching for the wrong keywords. I simply haven't heard 
of anyone speak of a "NAT client" or "NAT Server" before.

Secondly you haven't told us anything about how things are setup: Are 
you using ipfw, ipf or pf? What are your nat-rules? what are your filter 
rules?

You are trying to automount what? nfs, smbfs?

ssh delays? did you try to type in the ip to see if it was faster?

I think I get the picture of your network but sometimes it helps a lot 
if you scetch the network with a ascii-diagram, add ip's etc.

Cheers, Erik

-- 
Ph: +34.666334818                                  web: www.locolomo.org
S/MIME Certificate: http://www.locolomo.org/crt/2004071206.crt
Subject ID:  A9:76:7A:ED:06:95:2B:8D:48:97:CE:F2:3F:42:C8:F2:22:DE:4C:B9
Fingerprint: 4A:E8:63:38:46:F6:9A:5D:B4:DC:29:41:3F:62:D3:0A:73:25:67:C2

More information about the freebsd-questions mailing list