My old ISP provided a single DHCP-assigned static IP address. It was easy enough to configure my Tomato USB router with this configuration, using NAT for the machines behind the router.

But now I have a new ISP. My new ISP's configuration strikes me as silly. The actual WAN interface, ppp0, is PPPoE with a dynamically assigned IP (and it's very dynamic: a new IP address every time). But I also get a /29 that's routed to me. Most machines are DHCPed, but various servers are static IPed.

At the moment I've got things mostly working in a reasonable fashion, cobbled together from various guidelines on multi-IP configurations with dd-wrt and Tomato/Tomato USB. The Wi-Fi in the router is bridged to the switch ports. There's an interface vlan1, and I've bound all 6 usable IP addresses to that interface. I then have selective rules doing 1:1 NAT: DNAT on the way in, SNAT on the way out.

    iptables -t nat -I PREROUTING -p all -d 217.36.xx.yy -j DNAT --to 10.0.0.2
    iptables -I FORWARD -p tcp -d 10.0.0.2 --dport domain -j ACCEPT
    iptables -I FORWARD -p udp -d 10.0.0.2 --dport domain -j ACCEPT
    iptables -t nat -I POSTROUTING -p all -s 10.0.0.2 -j SNAT --to 217.36.xx.yy

One thing I haven't been able to get working, however, is 6in4. I use a 6in4 tunnel from Hurricane Electric. That prefers a static IP at my end so it knows where to send inbound connections (there is a dynamic option using dynamic DNS, but I would prefer not to use it). So I want to use one of the addresses in the /29 as the endpoint.
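As an added example (not part of the original post, and not Tomato's own scripting), the following POSIX shell script generalises the rule pair above to any number of routed /29 addresses, and adds the one thing the port-based FORWARD accepts never match: 6in4 is IP protocol 41, not TCP or UDP, so the host that terminates the tunnel needs its own protocol-41 accept. All addresses are constructed (RFC 5737 and RFC 1918 ranges); the WAN interface name ppp0 is taken from the post, the broker server address is a placeholder, and the script assumes the FORWARD chain's default policy is DROP, so a DNAT alone exposes nothing until a matching FORWARD accept exists. By default the rules are printed rather than applied, so a generated set can be reviewed first.

```shell
#!/bin/sh
# Added example (not from the original post): generate 1:1 NAT rules for hosts
# behind a router that has a routed /29, plus the pass-through needed for a
# 6in4 tunnel (IP protocol 41) terminated on one of those hosts.
# Dry run by default: rules are printed, not applied. Run with IPT=iptables
# to apply. Assumes the FORWARD chain policy is DROP, so a DNAT alone exposes
# nothing until a matching FORWARD accept exists.
IPT="${IPT:-echo iptables}"
WAN_IF="${WAN_IF:-ppp0}"   # assumption: the PPPoE interface named in the post

# map_host PUBLIC PRIVATE "tcp ports" "udp ports"
# Emits the inbound DNAT, the outbound SNAT and port-limited FORWARD accepts.
map_host() {
  pub=$1; priv=$2; tcp=$3; udp=$4
  # Inbound: traffic for the public address is rewritten to the internal host.
  $IPT -t nat -A PREROUTING -d "$pub" -j DNAT --to-destination "$priv"
  # Outbound: the host leaves via the WAN with its own public address rather
  # than the dynamic ppp0 address; -o keeps LAN-to-LAN traffic untouched.
  $IPT -t nat -A POSTROUTING -s "$priv" -o "$WAN_IF" -j SNAT --to-source "$pub"
  # Only the listed ports are forwarded; everything else hits the DROP policy.
  for p in $tcp; do
    $IPT -A FORWARD -p tcp -d "$priv" --dport "$p" -j ACCEPT
  done
  for p in $udp; do
    $IPT -A FORWARD -p udp -d "$priv" --dport "$p" -j ACCEPT
  done
}

# allow_6in4 PRIVATE BROKER
# 6in4 is neither TCP nor UDP, so the port-based accepts above never match it.
# Accept protocol 41 from the tunnel broker's server only; the DNAT emitted by
# map_host already rewrites the destination to the internal endpoint host.
allow_6in4() {
  priv=$1; broker=$2
  $IPT -A FORWARD -p 41 -s "$broker" -d "$priv" -j ACCEPT
}

# rule_count PUBLIC PRIVATE "tcp ports" "udp ports"
# Number of rules map_host emits (dry-run mode), for checking a generated set.
rule_count() {
  map_host "$1" "$2" "$3" "$4" | wc -l | tr -d ' '
}

# Demo with constructed addresses: a DNS server on 10.0.0.2 and the 6in4
# endpoint host on 10.0.0.3. BROKER is a placeholder for the tunnel server
# address shown on the broker's tunnel details page.
if [ "${1:-}" = "demo" ]; then
  BROKER=203.0.113.250
  map_host 203.0.113.2 10.0.0.2 "53" "53"
  map_host 203.0.113.3 10.0.0.3 "" ""
  allow_6in4 10.0.0.3 "$BROKER"
fi
```

Run it as `sh script.sh demo` to see the generated rules, and `IPT=iptables sh script.sh demo` to apply them. The SNAT rule carries `-o ppp0` so that the internal hosts are only rewritten on the way out to the ISP; without it, traffic between two internal hosts passing through the router would also be source-rewritten.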
