pf BINAT broken

Ansar Mohammed ansarm at gmail.com
Mon May 28 04:39:36 UTC 2007


I have come to realize that the bidirectional NAT of FreeBSD 6.2 is broken. 
If I configure the same rule with an rdr, it works fine. 

I have a 1:1 NAT from my internal network to one of my public IPs. I am
using FreeBSD PPPoE. I have disabled NAT on the PPP driver.

If I attempt to connect back to my internal network using any TCP protocol,
the 3-way handshake completes, and I get a few packets of data. Then the
connection drops. Both sides try to retransmit, but to no avail.

Funnily enough, it works fine if you are directly connected to the internet,
or through a Linksys DSL router. However, through some other corporate
networks, the connection drops after the first few packets of data. 
I have tried 

    scrub in max-mss 700
    scrub out max-mss 700

and even

    scrub in max-mss 250
    scrub out max-mss 250

to no avail. It seems that packets with more than a few bytes of data screw
up the NAT tables.
Any ideas anyone? Anything? Anything at all?
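The following pf.conf fragment is an added example for reference, not configuration from the poster's system. It lays out the setup the post describes on a FreeBSD 6.2-era pf: a PPPoE external interface, a 1:1 mapping of one internal host to one public address, MSS clamping, and the filter rules that let inbound TCP reach the translated host. Interface names, addresses and the MSS value are assumptions: ng0 and fxp0 are placeholder interfaces, 192.0.2.10 and 192.168.1.10 are constructed addresses, and 1452 is the usual clamp for a 1492-byte PPPoE MTU (the poster's lower values of 700 or 250 can be substituted on the same lines). The commented-out nat/rdr pair is the equivalent of the binat rule, expressed the way the post says works for them.

```pf
# Added example, not from the original post. Names and addresses below are
# assumptions: ng0 = PPPoE link, fxp0 = LAN, 192.0.2.10 = public address,
# 192.168.1.10 = internal host (all constructed values).
ext_if   = "ng0"
int_if   = "fxp0"
pub_ip   = "192.0.2.10"
int_host = "192.168.1.10"

# Normalize traffic on both interfaces. On the PPPoE link clamp the TCP MSS
# so segments fit a 1492-byte MTU (1492 - 40 bytes of IP+TCP header = 1452).
scrub in  on $ext_if all max-mss 1452
scrub out on $ext_if all max-mss 1452
scrub in  on $int_if all

# Variant A: one bidirectional 1:1 mapping (the binat form the post reports
# as failing after the first data packets).
binat on $ext_if from $int_host to any -> $pub_ip

# Variant B: the same mapping written as a nat/rdr pair (the rdr form the
# post reports as working). Enable one variant only; never both at once.
# nat on $ext_if from $int_host to any -> $pub_ip
# rdr on $ext_if proto tcp from any to $pub_ip -> $int_host

# Filtering is evaluated after translation, so inbound rules match the
# internal address. Keep state so return traffic is matched to the entry.
pass in  on $ext_if proto tcp from any to $int_host flags S/SA keep state
pass out on $ext_if from $int_host to any keep state
pass in  on $int_if from $int_if:network to any keep state
```

To load it, run `pfctl -f /etc/pf.conf`. When a connection stalls mid-stream as described in the post, `pfctl -ss` shows whether the state entry for that TCP connection still exists and in which state, `pfctl -si` shows the state-table counters and how many packets matched no state, and adding `log` to the pass rules and watching `tcpdump -n -e -ttt -i pflog0` shows which packets pf is dropping on the translated path. Comparing those outputs between the binat and the nat/rdr variant narrows down whether the translation or the state tracking is what fails.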