Network Address Translation (NAT, also known as Network Masquerading, Native Address Translation or IP Masquerading) involves re-writing the source and/or destination addresses of IP packets as they pass through a router or firewall. Most systems using NAT do so in order to enable multiple hosts on a private network to access the Internet using a single public IP address (see gateway). Many network administrators find NAT a convenient technique and use it widely. Nonetheless, NAT can introduce complications in communication between hosts and may have a performance impact.
As a FreeBSD maniac, I would like to share my experience building a NAT gateway.
This is the topology.
I would like to use NAT in this case. The gateway has two NICs, one for the upstream and one for the downstream. I use a Realtek interface card as the upstream interface and give it the IP address 202.14.xxx.xxx. The other interface I give the IP address 192.168.1.1.
Then I use Packet Filter (PF) to run the NAT function.
This is the configuration to load pf at boot.
Edit your /etc/rc.conf:
pf_enable="YES"
pf_rules="/etc/pf.conf"
pflog_enable="YES"
pflog_logfile="/var/log/pflog"
gateway_enable="YES"
Then edit /etc/pf.conf:
nat on rl0 from 192.168.1.0/24 to any -> (rl0)
After that, test from the client PC with its allocated IP address.
And it's done.
-nanta-
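The one-line pf.conf above translates addresses but sets no filtering policy, and pf passes any packet that no rule matches. As an added example (not part of the original post), here is a pf.conf that keeps the same NAT rule and adds a default-deny ruleset around it; the downstream interface name rl1 is an assumption, since the post names only rl0.

```conf
# /etc/pf.conf -- added example, not the original author's file.
# Macros
ext_if  = "rl0"             # upstream NIC (from the post), public address
int_if  = "rl1"             # ASSUMPTION: downstream NIC holding 192.168.1.1
int_net = "192.168.1.0/24"  # private network from the post

# Options
set skip on lo0             # never filter loopback traffic
set block-policy drop       # drop silently instead of sending RST/ICMP

# Normalization: reassemble fragments, drop malformed packets
scrub in all

# Translation: same rule as in the post, written with macros.
# (rl0) in parentheses makes pf follow the interface's current address.
nat on $ext_if from $int_net to any -> ($ext_if)

# Filtering: default deny; blocked packets go to pflog0, which the
# pflog_enable="YES" line in rc.conf already turns on.
block log all

# Reject packets claiming a LAN source address on the wrong interface.
antispoof quick for $int_if

# LAN clients may reach the gateway and the Internet. State entries
# let the replies back in, so no inbound pass rule is needed on rl0.
pass in  on $int_if from $int_net to any keep state

# NAT is applied before filtering, so outbound packets on rl0 already
# carry the gateway's public source address at this point.
pass out on $ext_if from any to any keep state
```

Check the file with `pfctl -nf /etc/pf.conf` before loading it with `pfctl -f /etc/pf.conf`, and confirm the translation rule with `pfctl -s nat`. With this ruleset nothing unsolicited from the upstream side reaches the gateway or the LAN, so any remote administration over rl0 needs its own explicit pass rule.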








2 responses so far ↓
freebsd // November 24, 2007 at 7:56 am
There are a lot of things that can be done also with pf itself
danasatriya // November 24, 2007 at 2:02 pm
hooo