[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: OpenBsd and NAT

To: archi2k@altern.org
Subject: Re: OpenBsd and NAT
From: Jim Razmus <lists@bonetruck.org>
Date: Mon, 8 Oct 2001 12:33:18 -0400
Cc: tech@openbsd.org
Content-Disposition: inline
Mail-Followup-To: Jim Razmus <lists@bonetruck.org>,archi2k@altern.org, tech@openbsd.org
References: <200110080843.f988hbga020753@openbsd.cs.colorado.edu>
User-Agent: Mutt/1.2.5i

I am aware of a pair of 1U rackmount i386 boxes that filter and NAT for an enterprise with redundant T3s and about 100 different domains.  And it's 2.8 if your curious.  All that was required was to expand the size of the state table by adjusting some params and recompiling a new kernel.

Jim
* archi2k@altern.org <archi2k@altern.org> [011008 04:56]:
> Hi,
> 
> I run a website behind a Linux 2.2.x firewall.
> Public IPs are NATed at the firewall to a 172.16.0.0/24 private internal network.
> 
> Unfortunetly, when there are a lot of NATed connections (about 2000) the firewall box is starting to drop packets.
> 
> I'm thinking on Openbsd as an alternative to my 2.2.x box. What do you think? Does the NAT code perform good in OpenBSD?
> 
> Thanks in advance,
> 
> a2k

References:
- OpenBsd and NAT
  - From: <archi2k@altern.org>

Prev by Date: WORKING: isakmp + X509 PKI Setup Guide using PGP and tokens
Next by Date: rm hack
Prev by thread: OpenBsd and NAT
Next by thread: WORKING: isakmp + X509 PKI Setup Guide using PGP and tokens
Index(es):
- Date
- Thread