Doing nat only with <ONE> nic
- To: misc_(_at_)_openbsd_(_dot_)_org
- Subject: Doing nat only with <ONE> nic
- From: David Rio <is04607_(_at_)_salleURL_(_dot_)_edu>
- Date: Thu, 21 Nov 2002 12:42:24 +0100 (CET)
A friend of mine has bought a new internet access. The ISP gave him a
"modem-bridge" that has one ethernet port. Clients have to use DHCP to get
IP addresses. These IP addresses are public ones and only two computers can
be using the internet access at the same time. Dirty? Sure.
My friend has four computers and wanted all of them to have
internet access. I told him: Hey!! Now it is time to get OpenBSD in your
So I got an old machine that he had at home and used it to configure the
almost typical NAT setup. Why do I say almost? Well, I say that because the
machine that will do NAT has only ONE NIC. I thought that, theoretically,
I would be able to use the NAT setup by putting two IP addresses on the
NIC. So, I followed the classical procedure:
inet alias 10.0.1.1 255.255.255.0
nat on ne3 from 10.0.1.0/24 to any -> $PUBLIC_IP
pass in all
pass out all
Well, with this setup it works like a charm.
What is the problem? The problem is that $PUBLIC_IP can change, and since I
have an alias on the ne3 interface I can't use this pf.conf line:
nat on ne3 from 10.0.1.0/24 to any -> ne3
If I try to reload pf with this new setup I get this error:
marty:/tmp $ sudo pfctl -f /etc/pf.conf
/etc/pf.conf:17: translation address expands to multiple IPs of this
pfctl: Syntax error in file: pf rules not loaded
Umm!! What a pity.
Is there anyone who can give me a solution?
And one more thing: I want to set up a DHCP server; will I run into
problems having aliases on the NIC?
Thanks in advance, and apologies for my crappy English.
P.S.: What do you think about this scenario? I mean, would you use two NICs
instead of one? Why? Which problems do you see?
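
A workaround sketch for the alias problem described in the post, added here as an example and not part of the original message: it reads `ifconfig` output, picks the one address outside the 10.0.1.0/24 alias network, and prints the nat line with that literal address (the form the post reports working). The function names, the sample `ifconfig` output and the 203.0.113.7 address are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. "-> ne3" fails because the
# interface name expands to every address on ne3 (DHCP lease plus alias).
# pf releases that support the ":0" modifier can write "-> (ne3:0)" instead;
# this script regenerates the literal-address rule for those that cannot.

# Constructed sample of `ifconfig ne3` output: one DHCP-assigned address
# (documentation range) and the 10.0.1.1 alias from the post.
SAMPLE_IFCONFIG='ne3: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        inet 203.0.113.7 netmask 0xffffff00 broadcast 203.0.113.255
        inet 10.0.1.1 netmask 0xffffff00 broadcast 10.0.1.255'

# primary_addr LAN_PREFIX
# Reads ifconfig output on stdin and prints the single IPv4 address that
# does not start with LAN_PREFIX (a plain string prefix, enough for a /24).
# Exits non-zero when zero or several candidates exist, so a lost lease or
# an unexpected extra address never produces a rule.
primary_addr() {
    awk -v lan="$1" '
        $1 == "inet" &&
        $2 ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ &&   # only dotted quads reach pf.conf
        index($2, lan) != 1 { addr[++n] = $2 }
        END { if (n != 1) exit 1; print addr[1] }'
}

# nat_rule IFACE LAN_CIDR LAN_PREFIX
# Prints the nat rule with the current public address filled in.
nat_rule() {
    addr=$(primary_addr "$3") || return 1
    printf 'nat on %s from %s to any -> %s\n' "$1" "$2" "$addr"
}

# Demo on the constructed sample; on the real box the input would be the
# output of `ifconfig ne3`.
printf '%s\n' "$SAMPLE_IFCONFIG" | nat_rule ne3 10.0.1.0/24 10.0.1.
```

A non-zero exit means the caller should keep the currently loaded ruleset rather than reload with a guessed address.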