Changing the NAT IP on demand?

Julian Elischer julian at elischer.org
Mon Oct 6 09:27:53 PDT 2003 


On Mon, 6 Oct 2003, Leo Bicknell wrote:

> In a message written on Sun, Oct 05, 2003 at 08:11:05PM -0600, Nick Rogness wrote:
> > 	In addition to keeping your NAT translations (as suggested by
> > 	Wes), you need to also keep routes for those entries as well, so
> > 	that preserved traffic remains to route out the right ISP even if
> > 	a switch occurs.
> 
> You're right, however I would go with a different mechanism, but one
> I've also never tried to do.  What you want is routing based on the
> source address of the packet, not the destination as per usual.  You
> want to be able to say "source a.a.a.a goes out link A".  I've never
> tried to do it on FreeBSD (it's easy on say Cisco's, with a bit of a
> performance hit on some platforms).  


this is very easy using the ipfw 'fwd' rule..

> 
> In a message written on Mon, Oct 06, 2003 at 05:28:57PM +0400, Yar Tikhiy wrote:
> > Just a random thought: If natd(8) were taught to change its default
> > alias address on the fly (it's just a single variable,) then the
> > desired effect would be achieved exactly.  That's because any session
> > already having its own entry in natd's aliasing table would use its
> > old alias address kept in the entry.  BTW, one could switch between
> > even more than 2 external connections in that manner.  And that's
> > just a step away from session-aware load-balancing with natd(8).
> 
> That's exactly what I was thinking, and more or less why I asked.
> 
> Note, I think this configuration would be useful in a lot of other
> applications as well.  Consider someone who can get, say, a 128k
> symmetric DSL line, and a 56k up 1M down satellite link.  If using
> this "trick" you could direct latency sensitive (ssh, telnet, ntp)
> traffic over the DSL line, and send bulk data (http, ftp) over the
> satellite link that could be quite useful.
> 
> I think I'm going to have to set up a lab box now and dig into this
> at a deeper level.
> 
> -- 
>        Leo Bicknell - bicknell at ufp.org - CCIE 3440
>         PGP keys at http://www.ufp.org/~bicknell/
> Read TMBG List - tmbg-list-request at tmbg.org, www.tmbg.org
>

More information about the freebsd-hackers mailing list