| Summary: | [patch] fix Handbook error about Advanced Networking | ||
|---|---|---|---|
| Product: | Documentation | Reporter: | Saurabh Gupta <saurabh_gupta77> |
| Component: | Books & Articles | Assignee: | Remko Lodder <remko> |
| Status: | Closed FIXED | ||
| Severity: | Affects Only Me | ||
| Priority: | Normal | ||
| Version: | Latest | ||
| Hardware: | Any | ||
| OS: | Any | ||
Responsible Changed From-To: freebsd-bugs->freebsd-doc
Mis-filed PR.

Responsible Changed From-To: freebsd-doc->chern
I'll take care of getting this into the doc tree.

Responsible Changed From-To: chern->freebsd-doc
With bugmeister hat on, reassign from recently inactive committer.

State Changed From-To: open->closed
I added a little note about this, that the example will only focus on machines with at least two NICs. Although I really appreciate that you think along, I do not think we should have this information in the handbook. People who are willing to apply this should consider a lot more than just connecting it, for example the security risks which are involved, etc. And then again, the prices of NICs are even lower today, so people are better off buying an extra NIC so they can communicate with the internet with a 'standardized' setup. With this explanation, close the PR. Thanks for the submission though!

Responsible Changed From-To: freebsd-doc->remko
Let feedback be pushed back to me so that we might be able to do something with it.
In the FreeBSD Handbook, please refer to chapter 17 "Advanced Networking", Section 11.2, "Network Address Translation - Setup", paragraph no. 3 (i.e., handbook -> 17.11.2, paragraph 3).

It states (and I quote): "This gateway machine must have two NICs--one for connecting to the Internet router, the other connecting to a LAN". (end quote)

This is inaccurate; the least you need for NAT is just one NIC and a dumb hub connected to it, with the incoming gateway/router also connected to this same hub. The NIC in the FreeBSD box should have 2 aliases, one being the original IP address and the other a server for the local LAN in one of the allowed ranges, e.g. (192.168.0.1 ......)

The configuration is also mostly the same, except one ought not use in /etc/rc.conf

    natd_interface="fxp0"

instead natd_flags be used.

    natd_flags=" -alias_address <the original ip assigned to you by the isp> <also any other flags you might like>"

mine looks like

    natd_flags=" -use_sockets -same_ports -unregistered_only -alias_address 1.2.3.4"

************* but this also breaks the /etc/rc.network script so I tweaked it a lil bit *************

the diff looks as follows:

    myprompt# diff rc.network1 rc.network2 296c296 < echo -n ' natd'; ${natd_program:-/sbin/natd} ${natd_flags} --- > echo -n ' natd'; ${natd_program:-/sbin/natd} ${natd_flags} ${natd_ifarg} >

basically remove the last argument for the natd daemon.

oh yeah I also had to change a line in my /etc/rc.firewall:

    # ${fwcmd} add 50 divert natd all from any to any via ${natd_interface}
    ${fwcmd} add 50 divert natd all from any to any via 1.2.3.4
    # here 1.2.3.4 is my actual ip

but in hindsight I don't think this change is necessary, don't remember why I did it. Try it without but keep it as a fallback.
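Review bot: the 296c296 hunk reads in the opposite direction to the description: the `<` side (rc.network1) already lacks ${natd_ifarg} and the `>` side (rc.network2) carries it plus a trailing empty `>` line, while the text says the change removes the last argument. Regenerate it as a unified diff from the original file to the modified one, so the removal shows as a deletion with surrounding context and the stray blank line is accounted for. As written, the argument is also dropped unconditionally; if ${natd_ifarg} is what carries the natd_interface setting from rc.conf, existing two-NIC setups would lose it, so consider passing it only when natd_interface is set. In the rc.firewall change, the divert rule hardcodes 1.2.3.4 where the original used ${natd_interface}; keeping a variable there avoids the rule pointing at a stale address after the ISP address changes.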
Also, as mentioned above, an alias is required; following is a sample:

    ifconfig_rl0_alias0="inet 192.168.0.1 netmask 255.255.255.0"

rl0 should be replaced with the interface name of your NIC (use ifconfig to find that out; also see the man page).

Be sure to follow all the other information in the handbook (section 17.11.2).

It can be argued that this could be a cause for slow net activity, because in reality all packets that are going out are written twice on the hub, once when the FreeBSD gateway reads it and then when it spews it back out for the router, but hey, I figured that I was using DSL with a maximum speed of 1.5mbps whereas the local LAN has a cutoff over 10/100 mbps on ethernet, so ..... So far I have about 5 computers running this way and have yet to see a degradation in quality or speed.

Necessity: It could be used for setting up a little local network without investing in another NIC (sounds really cheap, 10 bucks and I would have gotten a new NIC; well, I added 20 more bucks and spent that on getting FreeBSD rather than downloading, a worthwhile choice I must endorse) or whatever new interface the future brings to us.

NETWORK DIAGRAM

    +-------------------+                       +--------+
    |FreeBSD natd-gate  |                       |  HUB   |
    |outside IP on NIC1 |                       |        |
    |alias 192.168.0.1  |NIC1-------------------+=       |
    |to NIC1 with net-  |                       |        |
    |-mask 255.255.255.0|                       |        |
    +-------------------+                       |        |
                               +----------------+=       |
    +-------------------+      |                |        |
    |    192.168.0.5    |      |                |        |
    |      gateway      |------+                |        |
    |    192.168.0.1    |                       |        |
    +-------------------+          +------------+=       |
                                   |            |        |
    +-------------------+          |            |        |
    |    192.168.0.6    |          |            |        |
    |      gateway      |----------+            |        |
    |    192.168.0.1    |                       |        |
    +-------------------+              +--------+=       |
                                       |        |        |
    +-------------------+              |        |        |
    |    192.168.0.4    |--------------+        |        |
    |      gateway      |                  +----+=       |
    |    192.168.0.1    |                  |    |        |
    +-------------------+                  |    +--------+
                                           |
    +-------------------+                  |
    |     HAS TO BE     +------------------+
    |  NOTHING REALLY   |
    | in my case it is  |
    | an unconfigurable |
    |    gateway DSL    +===================================>INTERNET<
    +-------------------+

That's about all I had to do. If anyone has a question feel free to email me. saurabh_gupta77@yahoo.com

Fix: see the description

How-To-Repeat: see the description