No I was not aware of this. Could you please explain the meaning of an alias address on the external interface for NAT?
There is no mention of using an alias for NAT in this document for example http://www.openbsd.org/faq/pf/nat.html Just to be clear, I already have an external and internal physical interface to work with, so I am unclear as to why I need an alias. 2011/10/11 Stefan N <stefanbsd...@yahoo.com>: > Hi Stefan, > As you mentioned that the IP forwarding is already enabled on your system. > Have you configured the IP alias on the network interface for the NAT > purpose? > If the NAT is done on external interface then you'll need to add in the IP > alias on /etc/hostname.vic2 > Please read the guide from openbsd url below: > http://www.openbsd.org/cgi-bin/man.cgi?query=hostname.if&apropos=0&sektion=0&; manpath=OpenBSD+4.9&arch=i386&format=html > Sample of hostname.if config with IP alias: > > A typical file contains only one line, but more extensive files are > possible, for example: > > inet 10.0.1.12 255.255.255.0 10.0.1.255 media 100baseTX description > Uplink > inet alias 10.0.1.13 255.255.255.255 10.0.1.13 > inet alias 10.0.1.14 255.255.255.255 NONE > inet alias 10.0.1.15 255.255.255.255 > inet alias 10.0.1.16 0xffffffff > # This is an example comment line. > inet6 alias fec0::1 64 > inet6 alias fec0::2 64 anycast > !route add 65.65.65.65 10.0.1.13 > up > > I hope it helps. > Regards, > Stefan > ________________________________ > From: Stefan Midjich <sweh...@gmail.com> > To: Mark (obsd) <openbsd-l...@nerdish.us> > Cc: misc@openbsd.org > Sent: Tuesday, October 11, 2011 2:06 AM > Subject: Re: Help setting up a PF NAT gateway > > Yes forwarding is enabled. I have followed the Book of PF 2nd Edition so > far. > > 2011/10/10 Mark (obsd) <openbsd-l...@nerdish.us>: >> Hi Stefan, >> >> On Mon, Oct 10, 2011 at 10:38 AM, Stefan Midjich <sweh...@gmail.com> >> wrote: >>> >>> Simplest of things but I'm failing miserably. >>> >>> ... >>> >>> With tcpdump I can see packets going to vic3, but no further. >>> >> >> Do you definitely have forwarding enabled? >> # sysctl net.inet.ip.forwarding >> net.inet.ip.forwarding=1 >> It that were 0 instead of 1, you'd get your symptoms. Edit > /etc/sysctl.conf >> to enable forwarding if you haven't. >> Regards, >> Mark > > > > -- > > > Med vdnliga hdlsningar / With kind regards > > Stefan Midjich > > > > -- Med vdnliga hdlsningar / With kind regards Stefan Midjich
