NATd on a v5 ET/BWMGR Appliance

Enabling NATd (Network Address Translation) on a v5 ET/BWMGR bandwidth management appliance.


Kernel Modules

In v5 kernel modules are no longer necessary.

Interfaces and Addresses

NATd requires two interfaces with active IP addresses: a private interface and a public interface. The public interface is also called the NAT interface.

For the example, suppose that:

igb0 is the public interface set the
igb1 is the private interface with an address of / 24


You must create a script with the proper ipfw commands to set up the nat. Lets call this /etc/rc.natd

if [ "$1" = "stop" ] ; then
/sbin/ipfw -q delete 8100
/sbin/ipfw -q delete 8200
/sbin/ipfw -q nat 100 delete
/sbin/ipfw -q nat 100 config if igb0 same_ports \
redirect_port tcp 14000 \
redirect_port tcp 515 \
/sbin/ipfw -q add 8100 nat 100 all from any to any via igb0
/sbin/ipfw -q add 8300 nat 100 all from to any via igb0


In the above example, network is directed to use port igb0 as its "NAT" address. Also, we've included some port mappings. Suppose you have a web servier on that you want to have public access. The mapping above will allow the server to be accessed via port 14000. Also, a printer at would be able to be accesses as we've passed through the 515 port to the printer.

Starting the NAT

You can start the nat by putting a line in /etc/rc.local

sh /etc/rc.natd

You'll want to test it manually first, of course.

Next: End of Life for ET/BWMGR v4.x