[Bug 288654] netgraph ng_nat: add command to set port range mask

From: <bugzilla-noreply_at_freebsd.org>
Date: Tue, 05 Aug 2025 20:03:30 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=288654

--- Comment #1 from Tatsuki Makino <tatsuki_makino@hotmail.com> ---
Additionally,

If the feature added by bug 280736 is not being used, it is recommended that
the ${ng_if} interface be set to mtu 1240.
This is because the ping is ping -D -s 1213 ... when the tunnel packet is first
fragmented.

> These commands can also be automated in the script file /etc/{start,stop}_if.gif0, maybe :)

I am trying to challenge that :)
It will require ngctl shutdown on the stop_if side, as follows:

ngctl shutdown nat_map_e:out
ngctl shutdown nat_map_e:in

When the ends of the hooks on ng_nat are shut down, ng_nat will also
automatically disappear.
However, when this is quickly restarted by service netif restart gif0, it
causes an increase in clones similar to the originally created ng_iface.
I don't really understand, but it seems to be happening due to some race
condition in which gif_demux, nat, and iface are being recreated.
It occurs in 14.3-STABLE.
Also, it seems that pausing for a longer time with commands like sleep 10 after
ngctl shutdown can be a workaround.
