I'm trying to work out a BGP setup for the first time. I'm a sys admin, not a network admin, so bear with me.

So far, I've gotten BGP setup so I can access the internet from the OpenBSD box, but now I want to NAT the connection.

My ISP assigned a block of addresses, we'll say 10.10.10.0/24 just for fun, and they also gave one single address to use for my firewall, we'll call it 192.168.1.254. (I know these are private addresses, just pretend they're public.)

So I assigned the 192.168.1.254 address to bge0 and now I can get online. However, I'm trying to figure out what to do with the other block of addresses that are not in the same subnet so I can NAT to them.

I've tried this for /etc/hostname.bge0:
inet 192.168.1.254 255.255.255.0
inet alias 10.10.10.1 255.255.255.0

but I can't seem to NAT to the 10.10.10.1 address in pf.conf.

How can I get this to work?

TIA

Are you sure you are talking about BGP? Border gateway protocol?

You have a public ASN number registered with Arin? And, its endpoint is an openBSD box?

Yes, I've got my AS number.

I think I've figured it out. I tried using "match" statements in my pf.conf but they didn't work so I used "pass" statements instead with nat-to and now it seems to be happy. I don't really understand what "match" actually does so I don't know why it wasn't working.