Policy Routing / NAT Question
Hello.. I'm setting up a TCP protocol testbed for testing various enhanced TCP stacks for use over high bandwidth, high latency links such as Satellite. Due to hardware limitations of the FreeBSD boxes we're using (1U rackmount), there are no expansion slots left for additional network cards. This forces me to have to run some traffic over one gateway and the rest of the traffic over another gateway, all through one ethernet.

The problem I have is I need to change the source address of some packets based on destination address. I was able to accomplish this in Linux using Source NAT. I'm not real well versed in FreeBSD hence the reason I'm asking for any assistance here.

Does anyone have an idea how to change the source address based on destination address?

Thanks in advance for any help.

Ryan Wilkins

___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: Policy Routing / NAT Question
On 11 Jun 2003 08:55:53 -0400 Ryan Wilkins [EMAIL PROTECTED] wrote:

> Hello.. I'm setting up a TCP protocol testbed for testing various enhanced TCP stacks for use over high bandwidth, high latency links such as Satellite. Due to hardware limitations of the FreeBSD boxes we're using (1U rackmount), there are no expansion slots left for additional network cards. This forces me to have to run some traffic over one gateway and the rest of the traffic over another gateway, all through one ethernet.
>
> The problem I have is I need to change the source address of some packets based on destination address. I was able to accomplish this in Linux using Source NAT. I'm not real well versed in FreeBSD hence the reason I'm asking for any assistance here.
>
> Does anyone have an idea how to change the source address based on destination address?

yes. in the ipnat configuration file you should write something like this:

    map interface from source to destination -> nat address

one thing though ... I've noticed the kernel trying to send the packets on the default gateway, no matter what the nat address was. So I used ipfw as well, for policy routing of nat'ed packets. I might have done something wrong as well, I really don't know, but searching the newsgroups archives I found no answer at all, and this seemed to be the only option.

> Thanks in advance for any help.
>
> Ryan Wilkins

-- 
Vlad GALU
Network Administrator
VipNET Bucharest
tel: 021/3039940
email: [EMAIL PROTECTED]
web: http://www.vipnet.ro
PGP: http://mirapoint.vipnet.ro/public_key.pgp

Re: Policy Routing / NAT Question
On Wed, 11 Jun 2003, Vlad GALU wrote:

> Satellite. Due to hardware limitations of the FreeBSD boxes we're using (1U rackmount), there are no expansion slots left for additional

There are several 4, 6 and 8 port ethernet cards on the market - which only take up one slot. I've also solved this issue in the past by using an expensive switch and a gigabit card to fan out to 100mbit/full-duplex.

Dw

Re: Policy Routing / NAT Question
On Wed, Jun 11, 2003 at 08:55:53AM -0400, Ryan Wilkins wrote:

> Hello.. I'm setting up a TCP protocol testbed for testing various enhanced TCP stacks for use over high bandwidth, high latency links such as Satellite. Due to hardware limitations of the FreeBSD boxes we're using (1U rackmount), there are no expansion slots left for additional network cards. This forces me to have to run some traffic over one gateway and the rest of the traffic over another gateway, all through one ethernet.
>
> The problem I have is I need to change the source address of some packets based on destination address. I was able to accomplish this in Linux using Source NAT. I'm not real well versed in FreeBSD hence the reason I'm asking for any assistance here.
>
> Does anyone have an idea how to change the source address based on destination address?

If all of these possible source addresses belong to the same interface of the box in question (it's unclear from your message), this can be done with route(8). For example:

    # ifconfig rl0 inet
    rl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
            inet 192.168.4.115 netmask 0xffffff00 broadcast 192.168.4.255
            inet 10.0.0.1 netmask 0xff000000 broadcast 10.255.255.255
            inet 10.0.0.2 netmask 0xffffffff broadcast 10.0.0.2
    # route add -net 11 10.0.0.3
    add net 11: gateway 10.0.0.3
    # route add -net 12 -ifa 10.0.0.2 10.0.0.4
    add net 12: gateway 10.0.0.4

The route to the network 12 says to use 10.0.0.2 as the source address when sending anonymous (with unfilled source address) datagrams.

But if you need to change the traffic originated from other hosts on your box, there are several NAT solutions for you.

Cheers,
-- 
Ruslan Ermilov, [EMAIL PROTECTED], [EMAIL PROTECTED]
Sysadmin and DBA, Sunbay Software Ltd, FreeBSD committer

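Added example, not part of the original thread or any poster's code: a way to confirm which source address the kernel selects per destination once routes with -ifa are in place, without sending any traffic. The function names are hypothetical, and the sample policy is constructed from the addresses in the message above (10.0.0.1 as the source for net 11 is an assumption).

```python
import socket

def kernel_source(dst, bind_to=None, port=9):
    """Return the source IPv4 address the kernel selects for datagrams to dst.

    connect() on a UDP socket only performs the route lookup and records the
    chosen addresses; no packet is sent.
    """
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        if bind_to is not None:
            # Source already filled in by the application, so the address
            # attached to the route is not what ends up on the socket.
            s.bind((bind_to, 0))
        s.connect((dst, port))
        return s.getsockname()[0]

def check_policy(expected):
    """Compare {destination: expected source} against the kernel's choice.

    Returns a list of (destination, expected, actual) for every mismatch;
    actual is None when there is no usable route to the destination.
    """
    mismatches = []
    for dst, want in expected.items():
        try:
            got = kernel_source(dst)
        except OSError:
            got = None
        if got != want:
            mismatches.append((dst, want, got))
    return mismatches

if __name__ == "__main__":
    # Constructed sample policy using the thread's addressing: hosts in net 12
    # should be reached from 10.0.0.2; net 11 from 10.0.0.1 (assumed to be the
    # default address for the route via 10.0.0.3).
    policy = {"12.0.0.1": "10.0.0.2", "11.0.0.1": "10.0.0.1"}
    for dst, want, got in check_policy(policy):
        print(f"{dst}: expected source {want}, kernel chose {got}")
```

Running it before and after the route changes shows whether the new source address took effect for unbound sockets, which is the case the -ifa route covers.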
Re: Policy Routing / NAT Question
Hi.. thanks for your response.. it did exactly what I needed. I tried some of the other solutions provided earlier in the day and ended up locking up a machine 340 miles away from here which is a good 6-7 hour drive from where I am currently.

Thanks again,
Ryan Wilkins

On Wed, 2003-06-11 at 14:15, Ruslan Ermilov wrote:

> On Wed, Jun 11, 2003 at 08:55:53AM -0400, Ryan Wilkins wrote:
>
> > Hello.. I'm setting up a TCP protocol testbed for testing various enhanced TCP stacks for use over high bandwidth, high latency links such as Satellite. Due to hardware limitations of the FreeBSD boxes we're using (1U rackmount), there are no expansion slots left for additional network cards. This forces me to have to run some traffic over one gateway and the rest of the traffic over another gateway, all through one ethernet.
> >
> > The problem I have is I need to change the source address of some packets based on destination address. I was able to accomplish this in Linux using Source NAT. I'm not real well versed in FreeBSD hence the reason I'm asking for any assistance here.
> >
> > Does anyone have an idea how to change the source address based on destination address?
>
> If all of these possible source addresses belong to the same interface of the box in question (it's unclear from your message), this can be done with route(8). For example:
>
>     # ifconfig rl0 inet
>     rl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
>             inet 192.168.4.115 netmask 0xffffff00 broadcast 192.168.4.255
>             inet 10.0.0.1 netmask 0xff000000 broadcast 10.255.255.255
>             inet 10.0.0.2 netmask 0xffffffff broadcast 10.0.0.2
>     # route add -net 11 10.0.0.3
>     add net 11: gateway 10.0.0.3
>     # route add -net 12 -ifa 10.0.0.2 10.0.0.4
>     add net 12: gateway 10.0.0.4
>
> The route to the network 12 says to use 10.0.0.2 as the source address when sending anonymous (with unfilled source address) datagrams.
>
> But if you need to change the traffic originated from other hosts on your box, there are several NAT solutions for you.
>
> Cheers,

-- 
Ryan Wilkins [EMAIL PROTECTED]
Deadfrog Networking Systems