I am looking to replace a proprietary DSL router/modem with the Sangoma S518 ADSL 
PCI Controller, thereby placing a FreeBSD (4.10-Stable) server running ipfw to handle 
access, firewall and nat duties.

The ISP's DSL package includes 8 static ip addresses: -
1 - network addr
1 - broadcast addr
1 "router" address
5 usable ip addresses

I have been reading up on NAT and address redirection in the HandBook 
(http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-natd.html) and have 
come accross section 19.13.5
Address Redirection. Here it reads:

The -redirect_address syntax is as follows:
-redirect_address localIP publicIP
localIP         The internal IP address of the LAN client.
publicIP        The external IP address corresponding to the LAN client.

In the example, this argument would read:

What I would like to know is if it is possible to do to following: -
Given that the 5 usable public IP's are:,,, &
1] G'Way host is assigned its own public IP -
2] LAN hosts' (all) traffic is NAT'd using one of the other public IP's -
3] Remaining 4 public IP addresses are left to be used other purposes (eg: "true" 
address redirection to a DMZ-host, that is not a member of the internal LAN subnet)

As you see, the g'way's public ip is not being used for NAT'ing internal hosts' 
outgoing traffic, but another ip from within the assignied public ip address range. My 
reading of the NAT chapter does not suggest that there is a way to define the public 
IP with which traffic is to be translate. Is this functionality not supported, or have 
I missed something when reading the various sections?

I'd appreciate any pointers to where I might find more information that might assist 
me, or an explanation of what it is that I am not understanding when reading the 

Thanks for the time.



Attachment: pgpmAIbnXhIeY.pgp
Description: PGP signature

Reply via email to