use ip_masq, and not NAT, methinks
Question about NAT (Bill Schriver)
|
I am 95% clear on your question, and will propose a solution based on that, but will also state my understanding of the problem, in case the problem I am solving is not at all what yours is.
This is my problem...I need to be able to do the following... I have a LINUX machine with a class "C" ip address let's say 206.30.2.13 and I have 255 more class "C" ip's to use on my network they are in the range of 206.30.12.1 to 206.30.12.255 I also have a NT4.0 server running dchp server with a class "B" network.
| Internet side
|
| 206.30.2.13
--------
| LINUX |
---------
class B address,|
150.1.1.1 |
let's say | intranet side
-----------------------
|
| 150.1.1.2, with a default gateway of 150.1.1.1
----------
| windows |
| 95 client|
----------
this is quite straightforward, and you don't need to use linux NAT to do it, as long as I have stated the problem correctly, and there are no outstanding gotchas. You need to use ip_masquerading if all you need to do is allow users to surf the web, download files via ftp or http, realaudio, cuseeme, irc, stuff like that. Look at http://ipmasq.dyn.ml.org for more inforation on this topic. It will allow the people on the inside to get to the outside, and surf the web or whatever they need to do. the linux box will see their outgoing packets, and rewrite the source address and port on their packets, so when the web server out there on the big bad Internet gets it, it will reply to the box which is doing the masquerading. When the masquerading box gets the return packets, it remembers who it needs to ship them to, rewrites the headers back the other way, and hands them off internally. slick, eh? keep us posted, and if you have any questions, write them back here, so we can all help you.
have fun, rob
|
Messages
Outline:
wrong URL in that last one.... by Rob Walker, 5/10/98
