Large scale NAT with PF - some weird problem

Milan Obuch freebsd-pf at dino.sk
Thu Jul 9 14:49:01 UTC 2015


On Mon, 6 Jul 2015 16:33:58 +0200
Milan Obuch <freebsd-pf at dino.sk> wrote:

> On Mon, 29 Jun 2015 12:54:32 +0200
> Milan Obuch <freebsd-pf at dino.sk> wrote:
> 
> > On Mon, 29 Jun 2015 12:42:22 +0200
> > Ian FREISLICH <ian.freislich at capeaugusta.com> wrote:

[ snip ]

> > > If the round-robin works with a smaller pool, then I suspect
> > > Glebius will be interested.
> > > 
> > 
> > Well, if he chimes in, I would only welcome that. Currently I am
> > waiting for any signs of trouble with the shrunken pool, if there
> > will be any.
> > 
> 
> For about a week, I did not receive any complaints, so I think it
> works for now.
>

I did a small experiment: after working for some time with no trouble
with pool x.y.26.0/24, I tried x.y.27.0/24, and the trouble appeared
again. The IP in question is x.y.27.152; as soon as it gets used, the
affected customer/device has no access to the internet. Really weird.

So it is not sheer pool size leading to trouble; it is the inclusion
of this one IP (maybe some more, but not frequently) in the pool which
results in trouble. I am baffled.

Regards,
Milan

