NATD and available ports

Anthony Volodkin anthonyv at brainlink.com
Mon Jan 12 11:13:24 PST 2004


Hey,

Just curious, but why do you need to use NAT with 2000 clients and that
many connections/traffic?  Surely there might be another solution.

-Anthony

On Mon, 12 Jan 2004, Barney Wolff wrote:

> On Mon, Jan 12, 2004 at 05:45:39PM +0200, Andriy Korud wrote:
> > Hi.
> > I need to run a NAT box for ~2000 clients with up to 300.000 active connections.
> > ipnat doesn't handle such a load, so I'm going to try natd - but I worry that natd
> > will simply use all available outgoing ports and then crash.
> > I have 128 public IPs and in ipnat's configuration I just map smaller blocks of
> > private IPs into a certain public IP, but have no idea how I can do this using
> > natd.
>
> You can run multiple copies of natd, each one on its own divert socket.
> ipfw rules can decide which internal machines & which external addresses
> go to which divert socket.
>
> Performance may well be an issue, depending on bandwidth.  Perhaps one
> NAT box per 100 client boxes would not be overkill - is adding 1% to
> the h/w budget unreasonable?
>
> --
> Barney Wolff         http://www.databus.com/bwresume.pdf
> I'm available by contract or FT, in the NYC metro area or via the 'Net.
>
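
Added example, not part of the original thread: a sketch of the layout suggested in the quoted reply, with one natd instance per public address, each on its own divert port, and ipfw rules that steer one block of inside addresses to each instance. The interface name em0, the inside network 10.0.0.0/21, the public block 203.0.113.1-128 and the rule numbers are constructed for illustration; the script only prints the commands so they can be reviewed before anything is loaded.

```shell
#!/bin/sh
# Added example: prints (does not run) natd and ipfw commands.
# All addresses, the interface name and rule numbers are constructed values.

EXT_IF=em0            # hypothetical outside interface
PUB_PREFIX=203.0.113  # constructed public block, hosts .1 to .128
INSTANCES=128         # one natd per public address
BLOCK=16              # inside addresses per public address (a /28)
BASE_PORT=8668        # natd's default divert port; instance n uses BASE_PORT+n
RULE_BASE=1000        # first ipfw rule number used

# Inside /28 for instance n, carved out of 10.0.0.0/21 (2048 addresses).
block_for() {
    off=$(( $1 * BLOCK ))
    echo "10.0.$(( off / 256 )).$(( off % 256 ))/28"
}

# Average number of connections one public address carries (rounded up).
conns_per_addr() {    # usage: conns_per_addr TOTAL_CONNECTIONS INSTANCES
    echo $(( ($1 + $2 - 1) / $2 ))
}

# One natd plus an outbound and an inbound divert rule for instance n.
emit_instance() {
    n=$1
    port=$(( BASE_PORT + n ))
    pub="$PUB_PREFIX.$(( n + 1 ))"
    src=$(block_for "$n")
    echo "natd -port $port -alias_address $pub"
    # Outbound: only this block of inside clients reaches this instance.
    echo "ipfw add $(( RULE_BASE + 2 * n )) divert $port ip from $src to any out via $EXT_IF"
    # Inbound: replies addressed to this public address return to the same instance.
    echo "ipfw add $(( RULE_BASE + 2 * n + 1 )) divert $port ip from any to $pub in via $EXT_IF"
}

emit_all() {
    i=0
    while [ "$i" -lt "$INSTANCES" ]; do
        emit_instance "$i"
        i=$(( i + 1 ))
    done
}

echo "# about $(conns_per_addr 300000 "$INSTANCES") connections per public address on average"
emit_all
```

With the figures from the thread (300.000 connections, 128 public addresses) the load averages about 2344 connections per address, and a client set that skews toward a few blocks would raise that for the affected instances.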


