On Oct 12 13:55, John Nemeth wrote:
> This is a very common configuration, so there is lots of
> documentation on the Internet about how to do it. For NetBSD in
> particular, take a look at the Guide:
>
> http://www.netbsd.org/docs/guide/en/
> http://www.netbsd.org/docs/guide/en/part-net.html

I had already checked out Section `IV. Networking and related issues', but it seems sometimes to be outdated (for example, when speaking about ipfilter) or without examples (I'll try to better explain this below).

> Yes, you will need this, unless you have 'options GATEWAY' in
> your kernel config.

Ok! (I have a GENERIC, so it's necessary).

> } - put `gateway_enable="YES"' in /etc/rc.conf.
>
> I don't know what the source of this is, but it doesn't do
> anything on NetBSD.

Oh, ok. It comes from: <http://daemonforums.org/showthread.php?p=69409>

> You will need to use one of the packet filters in order to do
> NAT. The example above is overkill for your needs (l2tp [...]
> You would probably be better off starting with soho_gw-npf.conf

This is all very useful.

> Note
> that the examples in the Guide use ipfilter which will work for
> now, but will likely be deleted at some point.

This is why Section `24.5. Setting up an Internet gateway with IPNAT' gave me only partial help. I should use npf instead of ipnat, through a normal Ethernet connection to the modem, instead of a PPP direct connection with the ISP. There are several adaptations to be made for my case I can't figure out.

> No, assuming the standard ISP setup where you're provided with
> a single IPv4 address, a bridge won't work.

Yes, the modem has a single IPv4 address.

> See the Guide for how to configure routing.

The Guide deals with this in Section `23.5. Subnetting and Routing', but only with a theoretical example, with no route(8) commands. However, maybe I'm overlapping the roles of routing with the role of npf. I probably have no difficulties in configuring the routing as regards the netbsd_gateway host itself.
Something like:

Internet:
Destination   Gateway     Flags   Refs   Use   Mtu     Interface
default       modem_IP    UG      -      -     -       NIC2
127/8         localhost   UGR     -      -     33624   lo0
localhost     lo0         UHl     -      -     33624   lo0
subnet2       link#2      U       -      -     -       NIC2
subnet1       link#1      UHl     -      -     -       NIC1

But when netbsd_gateway receives a packet from a host in subnet1, whose destination is a remote host in the internet, how must it be instructed to forward the packet to modem_IP through NIC2? With a routing table entry, or with a rule (the `pass stateful out all' in soho_gw-npf.conf) in npf?

Bye and thank you!

Rocky