[CUWiN-Dev] ipnat question + patch
David Young
dyoung at pobox.com
Sat Apr 23 00:54:24 CDT 2005
On Fri, Apr 22, 2005 at 11:42:44AM -0500, Bill Comisky wrote:
> On Wed, 20 Apr 2005, Bill Comisky wrote:
>
> >On Wed, 20 Apr 2005, David Young wrote:
> >
> >> On Wed, Apr 20, 2005 at 05:07:35PM -0500, Bill Comisky wrote:
> >>>
> >>> The CUWiN gateway in our testbed (currently rev 3014) is mapping
> >>> 10.0.0.0/8 to the address received via DHCP from the LAN in the
> >>> /etc/ipnat.conf file. Like:
> >>>
> >>> map sip0 10.0.0.0/8 -> 192.168.2.104/32 portmap tcp/udp 10000:20000
> >>> map sip0 10.0.0.0/8 -> 192.168.2.104/32
> >>>
> >>> Should this be "169.254.0.0/16 -> ..." now? We recently cannibalized
> >>> our
> >>> HSLS testbed, and in putting it back together I found I couldn't ping
> >>> from
> >>> a standalone node through the CUWiN gateway to our local LAN or
> >>> internet.
> >>
> >> I suspect the ping requests are going out with an address in 169.254/16.
> >> Is that right? You probably need my patch for source-address selection
> >> (attached).
> >
> >Yes, that's exactly what was happening. I applied the patch and rebuilt,
> >and it seems to be working now with the original ipnat.conf file. Thanks
> >for the patch and the info on the link-local addresses.
> >
> >bill
>
> One more question..ipnat effectively hides the 10.x.x.x address space from
> the network the gateway is plugged into, right?
Yes, that's what I'd expect.
>I wasn't sure if there
> was a design goal of hiding the CUWiN private addresses from the network
> the gateway is plugged into, or if that is up to whatever other
> routing/firewalling is going on in front of the gateway.
It's just a side-effect of the NAT.
Dave
--
David Young OJC Technologies
dyoung at ojctech.com Urbana, IL * (217) 278-3933
More information about the CU-Wireless-Dev
mailing list