Gary Gendel wrote:
> On 4/26/12 12:55 PM, James Carlson wrote:
>> If that works, then you'll probably want to go looking at your firewall
>> configuration.
>>
> Thanks for the -u option. That worked fine so now I have to figure out
> what's going on. Since the other machines work fine, it means that
> indeed it's because I'm on the same host as the router. I don't want to
> set port 123 to route specifically to this machine because that would
> break all the other machines ntp requests.
>
> This one is tricky.
I used to have similar problems on my home system. Because I have a /28
and a few spare external static IP addresses, I was able to set up a
second address on the main ("wan") interface as a work-around.
The first address has no NAT configured on it, and it's what everything
running locally on the machine uses by default. The second address is
used exclusively for NAT to the rest of my internal network.
I can't say this is the "best" solution, but it certainly seems to be
working well for me, and has eliminated a lot of annoyances. (In
particular, with the old single-address solution, I was forced to use
ftp in 'passive' mode all the time, because the ipnat configuration
didn't seem to like maintaining state for local applications. But with
two addresses, the problem goes away, and both local and internal
instances of ftp can run with either passive or non-passive mode without
trouble.)
Plus, it makes it much easier to filter NAT versus gateway traffic and
to look at packet traces.
--
James Carlson 42.703N 71.076W <carls...@workingcode.com>
_______________________________________________
OpenIndiana-discuss mailing list
OpenIndiana-discuss@openindiana.org
http://openindiana.org/mailman/listinfo/openindiana-discuss
