Ah! Right you are! I said it was early in the morning when I posted. :)
I missed your point about full NAT and was just thinking of the
bastardization of the term to mean masquerading. :)

~Jay

On Sat, 8 Jan 2005, Bill Jonas wrote:

> On Sat, Jan 08, 2005 at 11:53:30AM -0700, Jay wrote:
>> In George's case that will not work. As I understand his problem, the
>> source external/public address of the HTTP connection needs to be
>> different for each internal machine.
>
> It absolutely *would* work. That's what NAT means -- network address
> *translation*.
>
> Suppose, as a simple case, you have two LANs which are both using
> 192.168.0.0/16. If you were to connect them, you'd have to renumber one
> of them, right?
>
> Wrong. You can, with a Linux (or OpenBSD or Cisco or something else)
> router, make network A think that network B's addresses are in the
> 10.5.0.0/16 range. Anything sent from A with a destination address in
> 10.5.0.0/16 will be translated by the router as being intended for
> network B and re-written with the appropriate destination address in the
> 192.168.0.0/16 range. At the same time, the source address would also
> be re-written to be in, say, the 10.8.0.0/16 range, and B's router would
> make the appropriate translation when the packets got there, and for
> traffic destined for A.
>
> In this case, it's only half as complex. Only the source needs to be
> re-written for outbound traffic; the destination stays the same.
>
> A simpler explanation can be found at
>
> and .
>
> This whole discussion is academic if he's using a 2.2 or earlier kernel;
> 2.0 and 2.2 only had the ability to do masquerading (i.e., one external
> address to many internal addresses) and not full-on NAT (many-to-many).
> You need 2.4 and up to do NAT.
>
> --

~Jay

---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
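
The prefix translation described in the quoted message, and the source-only case it says applies here, sketched as a Python simulation. This is an added example, not part of the thread: the function names are hypothetical, and the 203.0.113.x and 198.51.100.x addresses are constructed from documentation ranges.

```python
import ipaddress

LAN = ipaddress.ip_network("192.168.0.0/16")           # real range used by both A and B
B_AS_SEEN_BY_A = ipaddress.ip_network("10.5.0.0/16")   # alias range from the message
A_AS_SEEN_BY_B = ipaddress.ip_network("10.8.0.0/16")   # alias range from the message

def remap(addr, from_net, to_net):
    """Swap the network prefix and keep the host bits (one-to-one NAT)."""
    ip = ipaddress.ip_address(addr)
    if ip not in from_net:
        raise ValueError(f"{ip} is not in {from_net}")
    if from_net.prefixlen != to_net.prefixlen:
        raise ValueError("prefix lengths must match for a one-to-one mapping")
    host_bits = int(ip) & int(from_net.hostmask)
    return str(ipaddress.ip_address(int(to_net.network_address) | host_bits))

def a_to_b(src, dst):
    """Packet from A to B's alias range: both source and destination are rewritten."""
    return remap(src, LAN, A_AS_SEEN_BY_B), remap(dst, B_AS_SEEN_BY_A, LAN)

def b_to_a(src, dst):
    """Reply from B to A's alias range: the inverse translation."""
    return remap(src, LAN, B_AS_SEEN_BY_A), remap(dst, A_AS_SEEN_BY_B, LAN)

# Outbound-only case: each internal host gets its own public source address.
# Constructed mapping for illustration.
STATIC_SNAT = {"192.168.0.10": "203.0.113.10", "192.168.0.11": "203.0.113.11"}

def outbound(src, dst):
    """Rewrite only the source; the destination stays the same."""
    if src not in STATIC_SNAT:
        # Refuse instead of silently sharing one address (that would be masquerading).
        raise LookupError(f"no public address assigned to {src}")
    return STATIC_SNAT[src], dst

if __name__ == "__main__":
    # Both hosts really are 192.168.1.20; the alias ranges keep them distinct.
    print(a_to_b("192.168.1.20", "10.5.1.20"))
    print(b_to_a("192.168.1.20", "10.8.1.20"))
    print(outbound("192.168.0.10", "198.51.100.80"))
```
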