Problem with ipfw, in-kernel NAT and port redirection to jails
Julian Elischer
julian at freebsd.org
Mon Feb 8 15:11:48 UTC 2016
On 8/02/2016 9:27 PM, Alexey Roslyakov via freebsd-net wrote:
> 08.02.2016 12:30, Kiryanov Vassily пишет:
>> Hello Alexey,
>>
>> Thank you for this information, I have thoughts about using pf nat as
>> an alternative way and your example will be useful for me.
>>
>> But Eugene Grosbein adviced me to turn off tso4 on network card
>> underlaying my VLANs and it was enough to solve problem with port
>> redirection. Without turning tso4 off ipfw + in-kernel NAT works
>> fine but port redirection fails.
>>
>
> Thank you. It's my mistake - was confused by home gateway, where
> redirect_port worked perfectly (NIC without TSO support), and there
> is a notice in section BUGS of ipfw(8) about incompatible libalias
> and TSO.
so why are you using libalias?
I may have misread what you are doing but IP masquerading might work
better. (ipfw fwd rule with local destination)
> _______________________________________________
> freebsd-net at freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscribe at freebsd.org"
>
>
More information about the freebsd-net
mailing list