PF NAT issue with 9.0-BETA3 and RELENG_9 'head'
Florian Smeets
flo at FreeBSD.org
Tue Oct 18 18:25:50 UTC 2011
On 18.10.11 18:44, Florian Wilkemeyer wrote:
> Hello,
>
> I recently switched a router in our test environment to FreeBSD 9.0-Beta3
> (and after things didn't work ... checked out the current RELENG_9
> and recompiled kernel & world .. )
>
>
>
> Problem:
> After 5 - 15 minutes NAT stops working (normal routing still works.)
>
> Network Utilization: about 40 MByte/second, which gets routed
> only a few kbit/s are getting natted (NTP Syncs and such ... )
>
> When I took a look at the NAT rules (via pfctl -vv -s nat)
> the rules get evaluated; but nothing matches anymore...
>
> State Table holds about 9500 entries,
> Source Tracking Table about 300
>
Hi,
I guess you have pf compiled into your kernel? Try to use the module,
that should be a workaround. This is a known problem and people are
working on it.
HTH,
Florian