Re: nat and ipfw - divert or builtin
- From: Christer Hermansson <mail@xxxxxxxxxxxxxxxx>
- Date: Tue, 25 Sep 2007 00:57:42 +0200
Randy Bush wrote:
No, like I said I only have experience with divert, but in my opinion it's best to not use the latest software for things that *must* work and the integrated nat is a new thing and only available for -current. However it's based on something that been around for a while, libalias, so I guess it's stable.divert
ipnat
ipfw's integrated nat
I believe the integrated version makes configuration simpler. I would
choose the old classic divert with ipfw if it is for a important network
that must work, but if I was running -current I would try the integrated
variant beacuse it seems to be simpler to use.
you seem to imply that you have reason to suspect that ipfw integrated
nat might not be reliable, or at least not as reliable as divert+natd.
any particular experiences or gossip to tell?
I'm planning on trying to use ipnat with ipfw on freebsd 6.2 because I think that's simpler than divert and has been around for a while.
But again if I was running a system based on -current I would go for the integrated variant.
--
Christer Hermansson
_______________________________________________
freebsd-net@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscribe@xxxxxxxxxxx"
- References:
- nat and ipfw - divert or builtin
- From: Randy Bush
- Re: nat and ipfw - divert or builtin
- From: Christer Hermansson
- Re: Re: nat and ipfw - divert or builtin
- From: Randy Bush
- nat and ipfw - divert or builtin
- Prev by Date: Re: Large-scale 1-1 NAT
- Next by Date: Re: Large-scale 1-1 NAT
- Previous by thread: Re: Re: nat and ipfw - divert or builtin
- Next by thread: Re: Racoon(ipsec-tools) enters sbwait state or 100% CPU utilization quite often on RELENG_1_2
- Index(es):
Relevant Pages
|
