[6.x patchset] Ipfw nat and libalias modules
Iasen Kostov
tbyte at otel.net
Wed May 3 11:12:42 UTC 2006
On Tue, 2006-05-02 at 18:24 +0200, Paolo Pisati wrote:
> On Tue, May 02, 2006 at 02:38:35PM +0300, Iasen Kostov wrote:
> > Have you done any performace comparisons with pf's NAT ? I realy would
> > prefer libalias based kernel NAT than pf because libalias works better
> > with ftp, irc dcc and things like that (VoIP would be nice too :P ). So
> > the only reason I've not put it in production is because its to new and
> > untested but as soon as I upgrade mine home to 6.x router I'll test it
> > more extensivly.
>
> no performance comparison (at least not yet), but i don't
> expect NAT to be a real bottleneck. Anyway, if we find
> it's dead slow, i'll fix it :)
>
> > Btw what is the status of the multi-session to the same
> > point PPTP NAT (e.g call ID tracking) ?
>
> i didn't modify the protocol specific nat support, so
> it's just like with natd.
>
> btw a brave guy (Hi Patrick! :) switched 4 boxes
> (i386 and amd64, UP and SMP) from natd to ipfw's nat and
> everything went smooth, except for a little bug that i'm
> tracking down... sounds good to me! :)
>
> bye
Sound good to me too :). We have a dual opteron 248 here NATing (and
that's its only purpose) about 2000 clients at ~300-400 Mbps full-duplex
so the NAT could be a bottle neck :). But in time for the next upgrade
(to 6.1) I'll test your patches to see what will happen.
Regards.
More information about the freebsd-net
mailing list