/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! */
On Thu, 19 Aug 1999, Alan Izzo wrote:
> > Well, your description implied to me that you had a block of IP
> > addresses from your ISP and you wanted them to map one-to-one to
> > systems behind your firewall. Did I misunderstand?
>
> Yes, my example does have a block of IP address, but not enough for each
> of the boxes on the local networks. I have a block of say 3 "real" IP
> addresses and I want 10 boxes on network 192.168.0.x to masq through one
> of the IP addresses (simultaneously) and I want 20 on network
> 192.168.1.x to masq through another one of the IP addresses (also
> simultaneously). As I understand it, to use NAT in this environment I
> would need 30 real IP addresses...
>
> > You can specify more than one set of address translations, so you
> > could do (for example) an entire class C address space if you wanted.
> > Were you thinking you could only do one?
>
> One in the sense that it is only a one-to-one mapping at any given time,
> unlike masq which is many-to-one. I really need many-to-one mappings...
Ah! Okay, many many-to-one mappings.
Masquerade cannot do this on one NIC using IP aliasing because the
outbound packets get the "real" (i.e. first) IP address assigned to
the interface.
You could do this with three "external" NICs, each one having one of
your static IPs, and the source-routing hack (which allows you to
specify the routing table by source address as well as destination
address, useful for traffic limiting as well).
That's a pretty ugly solution, though.
--
John Hardin KA7OHZ [EMAIL PROTECTED]
pgpk -a finger://gonzo.wolfenet.com/jhardin PGP key ID: 0x41EA94F5
PGP key fingerprint: A3 0C 5B C2 EF 0D 2C E5 E9 BF C8 33 A7 A9 CE 76
-----------------------------------------------------------------------
Monty Python's Star Trek Voyager:
A successful trans-warp experiment turns Paris and Janeway into
newts, but they get better.
...wait a minute... It's already been done...
-----------------------------------------------------------------------
9 days until A Civil Conflict is released
_______________________________________________
Masq maillist - [EMAIL PROTECTED]
Admin requests can be handled at http://www.indyramp.com/masq-list/
or email to [EMAIL PROTECTED]
PLEASE read the HOWTO and search the archives before posting.
You can start your search at http://www.indyramp.com/masq/
Please keep general linux/unix/pc/internet questions off the list.
