Can you create a FreeBSD gateway, with private IPs, without NAT/divert ?
Matthew Seaman
matthew at FreeBSD.org
Sat Jun 7 09:35:04 UTC 2014
On 07/06/2014 07:22, None Secure via freebsd-net wrote:
> BUT, what if my ISP is giving me a private IP, and my internal
> network is also private IPs ? External gateway address is
> 192.168.1.2 and internal gateway address is 10.10.10.1 ... the ONLY
> way I could make this work is with natd and ipfw divert rules.
>
> My question is: is it possible to have a network of non-routable
> IPs, and a gateway with non-routable Ips on internal and external
> interfaces, and NOT use natd/divert ? Can it be done with no ipfw
> rules at all, just like I used to ?
Sure, it's possible, in theory. It just depends on whether your ISP's
kit will NAT for your 10.10.10.1 range as well as the 192.168.1.2
address they've assigned to you. Which I doubt -- the ISP kit is
probably only going to do the minimum necessary to provide service so
that it can support the maximum possible number of customers.
However, running your own NAT gateway between 192.168.1.2 and 10.10.10.1
shouldn't be a problem. You can NAT multiple times between where you
are and the Internet usually with no worse consequence than a bit of
extra latency on your traffic.
Cheers,
Matthew
PS. Roll on IPv6. None of this Heath-Robinsonesq NAT on top of NAT is
necessary in an IPv6 world.
--
Dr Matthew J Seaman MA, D.Phil.
PGP: http://www.infracaninophile.co.uk/pgpkey
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1036 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freebsd.org/pipermail/freebsd-net/attachments/20140607/7d4b01af/attachment.sig>
More information about the freebsd-net
mailing list