Page archived courtesy of the Geocities Archive Project https://www.geocitiesarchive.org
Please help us spread the word by liking or sharing the Facebook link below :-)


NAT Examples Area.

Example configuration PLIP and PPP

In this configuration, a client machine is connected via PLIP to the NAT machine, and this one have a PPP connection to an ISP. I recomend also to check the PPP and PLIP documentation. Be carefull with the add_route command, you must follow the sequence to avoid configure wrong routing. 

The NAT interface is configured allowing any node to access using TCP or UDP packets. ICMP (ping) packets are disabled.

Client machine configuration

# netdefault psip2   (*)

# ifconfig -h 10.1.1.2 -n 255.255.255.0

# add_route -g 10.1.1.1 -d 0.0.0.0 -n 0.0.0.0 -v 

# plipctrl -l 10.1.1.2 -r 10.1.1.1 -e 

# plip.drv &   

You need to edit /etc/resolv.conf and add an entry like

nameserver 10.1.1.1

and also you need to connect the parallel cable between machines

(*) These commands are executed only once 

NAT machine configuration

# netdefault psip2  (*)

# ifconfig -h 10.1.1.1 -n 255.255.255.0 

# ifconfig -I /dev/ip3 -h 20.1.1.1 -n 0.0.0.0 

# plipctrl -l 10.1.1.1 -r 10.1.1.2 -e 

# plip.drv &  

# add_route -g 10.1.1.1 

# add_route -g 20.1.1.1 -I /dev/ip3 

# add_route -i -g 0.0.0.0 -d 10.1.1.0 -m 1 -n 255.255.255.0 

# add_route -i -g 0.0.0.0 -d 0.0.0.0 -m 5 -n 0.0.0.0 -I /dev/ip3

# natcfg -c /dev/ip3

# natcfg -E tcp

# natcfg -E udp

You need to dial to your ISP, and start ppp.drv using /dev/psip3 device. Also start nonamed pointing to the ISP's DNS. Be carefull to have ONLY one nonamed process.

# ppp.drv -b 38400 -I /dev/psip3 -a -t /dev/tty01 &

# nonamed -n ISP-DNS &

(*) These commands are executed only once 

 

Return to NAT page


Example configuration using Ethernet and PPP

The following example is using an ethernet device for LAN and a PPP link with an ISP to access Internet. The NAT interface allows only TCP packets from internal nodes, and the only allowed to do DNS queries via UDP is the internal node 10.1.1.1.

Client machine configuration

# netdefault eth0 (*)

# ifconfig -h 10.1.1.2 -n 255.255.255.0

# add_route -g 10.1.1.1 -d 0.0.0.0 -n 0.0.0.0 -v 

You need to edit /etc/resolv.conf and add an entry like

nameserver 10.1.1.1

(*) These commands are executed only once 

NAT machine configuration

# netdefault eth0 (*)

# ifconfig -h 10.1.1.1 -n 255.255.255.0 

# ifconfig -I /dev/ip3 -h 20.1.1.1 -n 0.0.0.0 

# add_route -g 10.1.1.1 

# add_route -g 20.1.1.1 -I /dev/ip3 

# add_route -i -g 0.0.0.0 -d 10.1.1.0 -m 1 -n 255.255.255.0 

# add_route -i -g 0.0.0.0 -d 0.0.0.0 -m 5 -n 0.0.0.0 -I /dev/ip3

# natcfg -c /dev/ip3

# natcfg -E tcp

# natcfg -o udp 10.1.1.1 53

You need to dial to your ISP, and start ppp.drv using /dev/psip3 device. Also start nonamed pointing to the ISP's DNS. Be carefull to have ONLY one nonamed process.

# ppp.drv -b 38400 -I /dev/psip3 -a -t /dev/tty01 &

# nonamed -n ISP-DNS &

(*) These commands are executed only once 

 

Return to NAT page


Example configuration using 2 Ethernet cards

The following example is using 2 ethernet devices. The default ethernet points to the internal network, the NAT interface is connected to a public segment. Here is important the configuration of the default routes. The internal network is a 10.1.1.x subnet, and the public network is 192.168.1.x subnet. The default router in the public network is 192.168.1.1 and the public DNS is 192.168.1.100 

The NAT interface only allows TCP connections from the internal network. The DNS queries are limited only for node 10.1.1.1 and only to the DNS 192.168.1.100 via UDP. No ICMP packets are allowed.

NAT machine configuration

# netdefault eth0  (*)

# ifconfig -h 10.1.1.1 -n 255.255.255.0 

# ifconfig -I /dev/ip1 -h 192.168.1.2 -n 255.255.255.0 

# add_route -g 10.1.1.1 

# add_route -g 192.168.1.2 -I /dev/ip1

# add_route -i -g 0.0.0.0 -d 10.1.1.0 -m 1 -n 255.255.255.0 

# add_route -i -g 0.0.0.0 -d 192.168.1.0 -m 1 -n 255.255.255.0 -I /dev/ip1

# add_route -i -g 192.168.1.1 -d 0.0.0.0 -m 5 -n 0.0.0.0 -I /dev/ip1

# natcfg -c /dev/ip1

# natcfg -E tcp

# natcfg -o udp 10.1.1.1 192.168.1.100 53

# nonamed -n 192.168.1.100

(*) These commands are executed only once 

The internal machines needs to be configured like the previous example.

 

Return to NAT page


The page's WebCounter count says that you are visitor number since

April 2000.


Copyright - Claudio Tantignone.

Last Modification: Sep 10, 2005.

1