Subject: Re: IP NAT
To: M. Bartosh <bartosh@tamu.edu>
From: Paul Goyette <paul@whooppee.com>
List: port-mac68k
Date: 08/25/1998 19:38:36
On Tue, 25 Aug 1998, M. Bartosh wrote:
> [SNIP]
>
> > >
> > > inet 165.91.120.32 netmask 255.255.254.0
> > >
> > > ipnat.conf says:
> > >
> > > map sn0 10.0.2.0/24 -> 165.91.120.0/32 portmap tcp/udp 10000:40000
> > >
> > > Any obvious problems?
Yep! Based on the above netmask, your ae0 is set up for a subnet that
includes all addresses between 165.91.120.0 through and including
165.91.121.255. The front end of that address range is reserved for
compatability with older BSD-style broadcast addresses, while the back
end of the range is the more modern broadcast address.
Your ipnat.conf file says to map the network 10.x.y.z addresses to an
address that is exactly 165.91.120.0 (the /32 means "match all 32 bits")
so any IP packets that you send out have 165.91.120.0 as their source
address. Anyone receiving those packets will attempt to send the
response to 165.91.120.0 but there's noone listening to that address.
-----------------------------------------------------------------------------
| Paul Goyette | Public Key fingerprint: | E-mail addresses: |
| Network Engineer | 0E 40 D2 FC 2A 13 74 A0 | paul@whooppee.com |
| and kernel hacker | E4 69 D5 BE 65 E4 56 C6 | paul.goyette@ascend.com |
-----------------------------------------------------------------------------