Avoiding natd overhead
- From: Brett Glass <brett@xxxxxxxxxx>
- Date: Sat, 21 Oct 2006 00:47:54 -0600
I'm working with a FreeBSD-based router that's using IPFW for policy routing, traffic shaping, and transparent proxying and natd for network address translation. IPFW does these things pretty well (in fact, I don't know if another firewall, like pf, could even do some of these things I'm doing with IPFW), but natd is by far the most CPU-intensive process on the system and is causing it to crumple like a wet towel under heavy loads. How can I replace just the functionality of natd without moving to an entirely new firewall? Can I still select which packets are routed to the NAT engine, and when this occurs during the processing of the packet?
--Brett Glass
_______________________________________________
freebsd-net@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscribe@xxxxxxxxxxx"
- Follow-Ups:
- Re: Avoiding natd overhead
- From: Julian Elischer
- Re: Avoiding natd overhead
- From: Chris Bowman
- Re: Avoiding natd overhead
- From: Matthew D. Fuller
- Re: Avoiding natd overhead
- From: Vladimir Grebenschikov
- Re: Avoiding natd overhead
- From: Baldur Gislason
- Re: Avoiding natd overhead
- Prev by Date: Re: Gigabit performance test
- Next by Date: Re: Avoiding natd overhead
- Previous by thread: more on pfil and bridging
- Next by thread: Re: Avoiding natd overhead
- Index(es):
Relevant Pages
|
|
