nat and ipfw - divert or builtin
Christer Hermansson
mail at chdevelopment.se
Sun Sep 23 09:09:52 PDT 2007
Randy Bush wrote:
> freebsd-current i386 / soekris
>
> i used to use ipfw to divert to natd. so, when i went to configure a
> new nat box nat box today, i was 82.3% there when i hit a bunch of nat
> stuff in ipfw that i do not remember seeing before. it appears that
> ipfw will nat all on its own without natd and divert.
>
> what's the trade-off? which should i use?
>
I only have experience with ipdivert, but I got a tip in this mailing
list about using ipnat with ipfw and also about this integrated variant
so it seems to be at least 3 different ways to go for nat when running ipfw:
divert
ipnat
ipfw's integrated nat
I believe the integrated version makes configuration simpler. I would
choose the old classic divert with ipfw if it is for a important network
that must work, but if I was running -current I would try the integrated
variant beacuse it seems to be simpler to use.
--
Christer Hermansson
More information about the freebsd-net
mailing list