Pantek Library
Hosting Provided By
CybrHost
High Speed Hosting
Mailing Lists: openbsd.org > misc > 02 > 111289.html (Request Expert openbsd.org Support)

Doing nat only with <ONE> nic

From: David Rio <is04607(at)salleURL.edu>
Date: Thu Nov 21 2002 - 06:42:24 EST


Hi all:

A friend of mine has bought a new internet access. The ISP gave him a "modem-bridge" that has one ethernet port. Clients has to use dhcp to get ip addresses. This Ip addresses are public ones and only two computers can be using the internet access at the same time. Dirty? sure. My friend has four computers and wanted that all of them would have internet access. I tell him: Hey!! Now it is time to get openbsd in your live!!
So I got an old machine that he had at home and use it to configure the almost typical NAT-setup. What I say almost? Well, I say that because the machine that will do NAT has only ONE NIC. I thought that, theoretically, I will be able to use the NAT-setup putting two ip addresses in the NIC. So, I followed the classical procedure:

  1. /etc/rc.conf pf=YES
  2. /etc/sysctl.conf net.inet.ip.forwarding=1
  3. /etc/hostname.ne3 dhcp inet alias 10.0.1.1 255.255.255.0
  4. /etc/pf.conf 
	nat on ne3 from 10.0.1.0/24 to any -> $PUBLIC_IP
	pass in all
	pass out all

Well, with this setup it works like a charm. What is the problem? Problem is that $PUBLIC_IP can change and how I have alias over the ne3 interface I can't put this pf.conf line:

        nat on ne3 from 10.0.1.0/24 to any -> ne3

If I try to reload pf with this new setup I get this error:

marty:/tmp $ sudo pfctl -f /etc/pf.conf /etc/pf.conf:17: translation address expands to multiple IPs of this address family
pfctl: Syntax error in file: pf rules not loaded

Umm!! What a pity.
Is there any one who can give me some solution?

And one more thing: I would want to setup a dhcp server, will I find some problem having aliases on the NIC?

Do you need help?X

Thanks in advance and apologize about my crappy english.

P.S: What do you think about this scenario? I mean, would you use two NIC instead one? Why? Which problems do you see? Received on Thu Nov 21 06:43:44 2002

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 13:31:39 EDT

Contact Us  Legal Notices  Order Services Online 
Pantek Home  Privacy Policy  IT news  Site Map  Pantek Library