Hello,
On Sunday, 21 October 2007, Freifunk Dresden wrote:
Hello,
If I use SNAT to change the source address, all other nodes know where to send the ping answers:
The IP of the wlan is 10.12.0.1, the IP of bbs is 172.16.0.1:

    iptables -t nat -I POSTROUTING -o bbs -j SNAT --to 10.12.0.1

A.eth1-A.bbc=====backbone=========B.bbs-B.eth1 -------------------C.eth1----------D.eth1
10...1 172...1                  172...2 10...2                    10...3          10...4

Sending from A to D is not a problem, all packages that have the IP 172... as source address will be assigned the new 10er IP. Node B, C and D will send the answer back to the 10er IP. Node B has a route to A over backbone (bbs).
If the only connection is via bbs or bbc the packages are natted to 172.12.. Only the routers that are connected directly via the backbone (bbc->bbs) should have routing entries of 172.16.0.0/12. All other nodes in the network do not need to know these addresses and therefore I don't HNA these.
How could any non-neighboring node respond to a packet with a 172.12.. source address? I would say you better NAT to the IP addresses of your 10.10.0.0/8 because these are the addresses known by any node. But be careful not to NAT any OGMs and any forwarded traffic.
What can happen if I do the SNAT?
If you NAT any forwarded traffic, the source address of related packets is changed :-) Batmand supports asymmetric routing. That means the packets may be routed another way back than they have come. By doing NAT on the forwarded traffic within the mesh you may force packets to also pass along the NATting interface on their way back. But that's not very beautiful. And I am not sure about further side effects. Anyway, forwarded packets will not show any traces from your hidden backbone node. They will be passed along with source and destination addresses in the 10.10.0.0/8 range.
I think that OGMs are not FORWARDED.
Right! They are flooded by being re-broadcasted.
They only go OUT or come IN. Because batmand does not use the iptables rules it does not know about the change of the source address. The OGMs are generated for the original interface IP. OGMs that A sends to B will be received via WLAN and also via BBS. If I understand batmand right it uses the interface where the OGMs are coming from
(then batman would have to track the MAC addresses, but it is IP based)
to calculate the routes (not the source IP).
NO! Batman uses the source IP of each received OGM to identify if the OGM has been received - directly from the originator interface or - from another intermediate interface. This is important for many internal mechanisms.
ciao, /axel
Bye Stephan
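The caveat in the reply above (do not NAT OGMs or forwarded traffic), as an added example that is not part of the original thread: a small Python model of the POSTROUTING decision on node A, comparing the rule as posted with a narrowed variant. The narrowed rule, the 10.12.0.7 client address and UDP port 4305 for OGMs are assumptions, and the model ignores connection tracking.

```python
from dataclasses import dataclass

BBS_IP = "172.16.0.1"   # backbone interface address (from the thread)
WLAN_IP = "10.12.0.1"   # mesh address every node can route to (from the thread)
OGM_PORT = 4305         # ASSUMPTION: UDP port batmand uses for OGMs; check your version

@dataclass(frozen=True)
class Packet:
    label: str
    src: str
    out_if: str
    proto: str = "icmp"
    dport: int = 0

def broad_rule(p):
    """Rule as posted: iptables -t nat -I POSTROUTING -o bbs -j SNAT --to 10.12.0.1"""
    return p.out_if == "bbs"

def narrow_rule(p):
    """Hypothetical narrowing: only the node's own backbone source, never OGMs.
    Roughly: -o bbs -p udp --dport <OGM_PORT> -j ACCEPT   (matched first)
             -o bbs -s 172.16.0.1 -j SNAT --to-source 10.12.0.1
    """
    is_ogm = p.proto == "udp" and p.dport == OGM_PORT
    return p.out_if == "bbs" and p.src == BBS_IP and not is_ogm

def postrouting(packets, rule):
    """Return {label: source address on the wire after POSTROUTING}."""
    return {p.label: (WLAN_IP if rule(p) else p.src) for p in packets}

# Constructed sample traffic leaving node A (not captured data).
SAMPLE = [
    Packet("local ping", BBS_IP, "bbs"),
    Packet("forwarded mesh traffic", "10.12.0.7", "bbs", "tcp", 80),
    Packet("OGM on backbone", BBS_IP, "bbs", "udp", OGM_PORT),
    Packet("local ping via wlan", WLAN_IP, "eth1"),
]

def report():
    """List of (label, original src, src under broad rule, src under narrow rule)."""
    broad = postrouting(SAMPLE, broad_rule)
    narrow = postrouting(SAMPLE, narrow_rule)
    return [(p.label, p.src, broad[p.label], narrow[p.label]) for p in SAMPLE]

if __name__ == "__main__":
    for label, src, b, n in report():
        print(f"{label:24} src={src:11} broad->{b:11} narrow->{n}")
```

Under the posted rule the forwarded packet and the OGM both leave with 10.12.0.1 as source; under the narrowed rule only the node's own 172.16.0.1 traffic is rewritten and the OGM keeps the interface address batmand identifies it by.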