Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.carno.net.au!harbinger.cc.monash.edu.au!munnari.OZ.AU!news.ecn.uoknor.edu!news.wildstar.net!news.ececs.uc.edu!newsfeeds.sol.net!news.maxwell.syr.edu!cpk-news-hub1.bbnplanet.com!news.bbnplanet.com!ais.net!uunet!in1.uu.net!204.147.226.2!quack!quack.kfu.com!nsayer From: nsayer@quack.kfu.com (Nick Sayer) Newsgroups: comp.unix.bsd.freebsd.misc Subject: natd with only one Ethernet card Date: 31 Mar 1997 19:56:12 GMT Organization: The Duck Pond public unix - http://www.kfu.com/ Lines: 47 Message-ID: <5hp4ss$4l$1@phoenix.kfu.com> NNTP-Posting-Host: quack.kfu.com X-Newsreader: NN version 6.5.1 (NOV) Xref: euryale.cc.adfa.oz.au comp.unix.bsd.freebsd.misc:38211 A friend of mine has a bunch of machines in his house and one of those "cable modems". A cable modem is a box with an Ethernet outlet. You are allowed to have one IP address only on the other end of that Ethernet. You get asymetric connectivity speeds, but it is generally supposed to be in the hundreds of K/s "down". Since my friend has more than one machine he found it inconvenient to have only one address. He did, however, have a FreeBSD machine, so I came to the rescue. :-) I managed to set up natd with only one Ethernet card (the documentation presumes you have an "inside" interface and an "outside" one). First, set up two addresses on the interface. One of them should be set up according to the instructions provided by your provider. The other should be set for one of the private networks, say 10.1.1.254/24. Your ipfw rules then should look like this: ipfw add divert 32000 ip from any to [cablemodemip] via ed0 in ipfw add divert 32001 ip from 10.0.0.0/8 to any via ed0 out ipfw add pass ip from any to any Then run natd like this: /sbin/natd -s -i 32000 -o 32001 -n ed0 (ed0 should be changed to the appropriate interface, obviously). The idea is to segregate the traffic so that only the stuff that is on its way in our out goes into natd. Set up all your machines on the 10 net and set their gateway to .254. The downside is that this doubles the traffic that is going in or out, but in my friend's case, this isn't a big deal. -- Nick Sayer <nsayer@quack.kfu.com> | TRUE GIANTS OF HISTORY #102 N6QQQ @ N0ARY.#NORCAL.CA.USA.NOAM | +1 408 249 9630, log in as 'guest' | Edwin Armstrong URL: http://www.kfu.com/~nsayer/ | Radio Pioneer