NAT solution for Linux?
Is there a kernel module and/or software that provides Network Address
Translation (something similar to what Cisco's PIX product does)?
I know about Masquerading; I have friends who use it, and I'm building
such a machine for my home network. However, we have some large
locations, and customers with large locations, who would like to use
NAT. Right now this means going with the PIX product. I believe
there's an NT solution but I've never used it, so I can't recommend it.
There was a mention of a NAT effort on the bsdi list a while ago ... so,
I figured it wouldn't hurt to ask about it here.
For those who don't know, NAT uses the concept of "pools" ... private
addresses on the "inside" are mapped to public addresses on the
"outside. The public addresses are drawn from a pool. In other words,
each client has its own IP address, or translation slot, whereas a
masquerading proxy server uses Port Address Translation, where all
requests come from the same public IP address. The PIX has some cool
security features for each translation slot ... though it seems to me
this could be more generalized if done on top of Linux.
If I were some sort of programming wizard I think this would be a good
project to take on ... however, I'm no wizard :/
--
Nathan Norman
MidcoNet - 410 South Phillips Avenue - Sioux Falls, SD 57104
phone: (605) 334-4454 fax: (605) 335-1173
mailto://finn@midco.net http://www.midco.net
PGP Key ID: 0xA33B86E9 - Public key available at keyservers
PGP Key fingerprint: CE03 10AF 3281 1858 9D32 C2AB 936D C472
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-user-request@lists.debian.org .
Trouble? e-mail to templin@bucknell.edu .
Reply to: