Hi,
Currently, I'm in the process of switching from Linux to FreeBSD in our Amazon EC2 (VPC) infrastructure. We use an instance that serves as the "NAT box" (it's really PAT) using iptables that sets up the masquerading. It works great, and this is all over a single interface that uses an internal RFC 1918 IP (Amazon EC2 then does its own translation using an Elastic IP at the gateway of the NAT box -- nothing needed on the box to make that work).
See this page <http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_NAT_Instance.html> for details. The commands to allow the NAT instance to serve as the NAT box are:
sysctl -w net.ipv4.ip_forward=1
iptables -t nat -A POSTROUTING -o eth0 -s 10.100.20.0/24 -j MASQUERADE
How can this be done using FreeBSD v10? Everything I've read says you need to have two interfaces to do NAT, but I must be missing something.
Thanks!