Necessary to implement static NAT 1:1
universite at ukr.net
Wed Jan 29 22:19:03 UTC 2014
> On 29/01/2014 15:52, Vladislav Prodan wrote:
> >> On 29/01/2014 12:45, Vladislav Prodan wrote:
> >>> Necessary to implement static NAT 1:1
> >>> 10.1.2.3 -> 184.108.40.206
> >>> 10.1.2.4 -> 220.127.116.11
> >>> 10.1.2.5 -> 18.104.22.168
> >>> 10.1.2.6 -> 22.214.171.124
> >>> ...
> >>> IP addresses such an over 20k
> >>> prompt you implement?
> >> I don't understand the question exactly (I expect I will not be the only
> >> one). natd will allow 1:1 mappings like this very easily. Are you saying
> >> you have a lot of these and you do not want to write the config file by
> >> hand?
> > I'm not sure that FreeBSD withstand an over 20k rules of the form:
> > ipfw nat 3 config ip 126.96.36.199
> > ipfw nat 4 config ip 188.8.131.52
> > ipfw nat 5 config ip 184.108.40.206
> > ipfw nat 6 config ip 220.127.116.11
> > ...
> > + Two rules to handle each nat N
> > Probably need to somehow use nat tablearg, but I do not understand logic.
> I do not think there would be a problem with natd. It uses libalias and
> this calls malloc() to add each redirect to a simple linked list. A
> quick looks suggests it's only 50-ish bytes/entry (depending on
> processor) so a table of 20K of them would be ~1Mb (+malloc overhead).
> There was a time when 1Mb was a lot of core, but not any more. It may
> slow down a bit, as it links through he list.
> There might be something in the newer libalias that does it more
> efficiently, but if you give it a go I think it will probably work.
> Regards, Frank.
Thank you for your feedback.
I will try to assemble the stand and test scripts to simulate the behavior of users.
Vladislav V. Prodan
System & Network Administrator
+380 67 4584408, +380 99 4060508
More information about the freebsd-questions