Re: Large-scale 1-1 NAT
- From: Christopher Cowart <ccowart@xxxxxxxxxxxxxxxxxxxx>
- Date: Mon, 24 Sep 2007 13:37:29 -0700
On Mon, Sep 24, 2007 at 12:57:19PM +0200, Max Laier wrote:
On Monday 24 September 2007, Cristian KLEIN wrote:
Christopher Cowart wrote:
The real question is: what's the best way to dynamically update the
NAT table?
You may use IPFW with IPNAT or PF instead. PF is able to reload its
configuration without disruption. Moreover, because the state table is
not flushed during a reload, you can even move NATed clients from one
public IP to another, without them noticing.
In fact pf comes with an almost ready-made sollution. Check out authpf(8)
for details.
That looks pretty cool. The problem is these are not local users; the
only way to authenticate them is to use web-based services.
--
Chris Cowart
Lead Systems Administrator
Network & Infrastructure Services, RSSP-IT
UC Berkeley
Attachment:
pgpQVt2ummNkM.pgp
Description: PGP signature
- References:
- Large-scale 1-1 NAT
- From: Christopher Cowart
- Re: Large-scale 1-1 NAT
- From: Cristian KLEIN
- Re: Large-scale 1-1 NAT
- From: Max Laier
- Large-scale 1-1 NAT
- Prev by Date: Re: Large-scale 1-1 NAT
- Next by Date: Re: Large-scale 1-1 NAT
- Previous by thread: Re: Large-scale 1-1 NAT
- Next by thread: Re: Large-scale 1-1 NAT
- Index(es):
Relevant Pages
- Re: can IIS disallow page reloads() by code ?
... JS:reloadis script code executed on the client ... So you are looking at client-side
configuration. ... "Hernán Castelo" wrote in message ... > Page reload
has nothing to do with IIS configuration. ... (microsoft.public.inetserver.iis) - IPFW question
... how can I reload the whole thing? ... ipfw command is for creating and
deleting individual rules. ... whole firewall configuration anytime. ... (freebsd-questions) - Re: only reload racoon.conf?
... > support a service restart. ... > rcvar status poll) ...
A restart should invoke the programme to reload it's configuration. ... (freebsd-isp) - Re: Composing tasks and protected objects
... and also support a special entry call to reload the configuration. ...
where arrows indicate direction of call. ... (comp.lang.ada) - Re: errors while starting named
... If you are already running named, the correct way to reload the ... configuration,
after making changes to it, is *NOT* to manually run ... Then, you need to fix the db.10.* zone
files, because they have some ... To unsubscribe, ... (freebsd-net)
