[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: pf and windows networking

To: misc_(_at_)_openbsd_(_dot_)_org
Subject: Re: pf and windows networking
From: Greg Thomas <getbsd_(_at_)_sbcglobal_(_dot_)_net>
Date: Mon, 9 Dec 2002 20:07:17 -0800

On Monday, Dec 9, 2002, at 18:49 US/Pacific, David Norman wrote:

Windows Networking, or SMB, or samba or CIFS as you can call it has
great problems with being NATed. I have never gone into details, but
using it from behind NATing routers has never really worked for
anyone I know tried to.

I'd suggest an other solution. I assume you NAT because the client
machines you talk about have private IP-adresses. If this is in
fact true you should change the network so that all your on campus
routers know how to route to that private network, and NAT only
those connections going off-campus.

This gives you internally one IP address per computer and externally
only one visible IP address. My university handles the computer
pools like this (well, actually no NAT, only proxies) and I think
it's the right way to handle it.


What you're talking about still involves NATing somehow. The private
IP'ed stations would still need access to the Internet as well as the
Windows shares and 10.x.x.x wouldn't be routable.

You don't have to NAT private addresses on a private network. If it's your own network you can route what you like to route. The OP's suggestion of just routing amongst private their subnets and using NAT for those off-campus connections is fine.

Greg

Prev by Date: Re: 3.2: pf_test not called from if_bridge.c
Next by Date: Re: Sendmail, DNS and the extra dot ?
Previous by thread: Re: pf and windows networking
Next by thread: Re: Setting Clock
Index(es):
- Date
- Thread

Visit your host, monkey.org