
Use two nat's for an extra IP

Hi, my setup looks like the usual one. Internet -> router with OpenBSD 3.5 ->
switch -> hosts.
I recently got a second IP from my ISP but I don't want to use it on an
external box directly to the internet. So I used ifconfig alias and added the
second IP to my OpenBSD box.
I just needed ssh, http and https to an internal box but with the new IP so I used PF
and added this rule, is the internal IP of the box I want to
forward the traffic. I also wanted all traffic from to use the
new IP and not my old one.
nat on $ext inet from to any -> new_ip
I already had this rule in my config:
nat on $ext inet from ($int)/24 to any -> old_ip
I then added my rdr-rules to the new box. It all seems to work perfectly but
what I would like to know is whether this is a correct way of doing what I want to
do, or is there any better or more correct solution?
Does it matter which one of my nat rules comes first in my config?
Daniel Johansson - <[email protected]>
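
The layout described in the message above, as an added pf.conf fragment that is not part of the original post. Interface names, all addresses and the `srv` macro are constructed placeholders (documentation and private ranges), and the internal host is assumed to sit inside the /24 on `$int`.

```pf
# Added example for the two-address setup; every value below is a placeholder.
ext    = "fxp0"           # assumed external interface
int    = "fxp1"           # assumed internal interface
old_ip = "192.0.2.10"     # placeholder: original public address
new_ip = "192.0.2.11"     # placeholder: address added with ifconfig alias
srv    = "192.168.1.20"   # placeholder: internal host published on new_ip

# Translation rules are evaluated top to bottom and the FIRST match wins
# (filter rules, by contrast, are last-match unless "quick" is used).
# The host-specific rule therefore has to precede the /24 rule; in the
# opposite order the /24 rule matches $srv first and its outbound
# traffic leaves with old_ip.
nat on $ext inet from $srv to any -> $new_ip
nat on $ext inet from ($int)/24 to any -> $old_ip

# Inbound: expose only ssh, http and https on the new address.
rdr on $ext inet proto tcp from any to $new_ip port { 22, 80, 443 } -> $srv

# rdr is applied before filtering, so the filter rule sees the already
# rewritten destination ($srv), not $new_ip.
pass in on $ext inet proto tcp from any to $srv port { 22, 80, 443 } \
    flags S/SA keep state
```

`pfctl -nf /etc/pf.conf` parses the file without loading it, and `pfctl -s nat` lists the loaded translation rules in the order they are evaluated.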