Necessary to implement static NAT 1:1
Vladislav Prodan
universite at ukr.net
Wed Jan 29 22:19:03 UTC 2014
> On 29/01/2014 15:52, Vladislav Prodan wrote:
> >
> >
> >
> >> On 29/01/2014 12:45, Vladislav Prodan wrote:
> >>> Necessary to implement static NAT 1:1
> >>>
> >>> 10.1.2.3 -> 100.1.2.3
> >>> 10.1.2.4 -> 100.1.2.4
> >>> 10.1.2.5 -> 100.1.2.5
> >>> 10.1.2.6 -> 100.1.2.6
> >>> ...
> >>> IP addresses such an over 20k
> >>> prompt you implement?
> >>>
> >> I don't understand the question exactly (I expect I will not be the only
> >> one). natd will allow 1:1 mappings like this very easily. Are you saying
> >> you have a lot of these and you do not want to write the config file by
> >> hand?
> >>
> >>
> > I'm not sure that FreeBSD withstand an over 20k rules of the form:
> >
> > ipfw nat 3 config ip 100.1.2.3
> > ipfw nat 4 config ip 100.1.2.4
> > ipfw nat 5 config ip 100.1.2.5
> > ipfw nat 6 config ip 100.1.2.6
> > ...
> >
> > + Two rules to handle each nat N
> >
> > Probably need to somehow use nat tablearg, but I do not understand logic.
> >
> >
>
> I do not think there would be a problem with natd. It uses libalias and
> this calls malloc() to add each redirect to a simple linked list. A
> quick looks suggests it's only 50-ish bytes/entry (depending on
> processor) so a table of 20K of them would be ~1Mb (+malloc overhead).
> There was a time when 1Mb was a lot of core, but not any more. It may
> slow down a bit, as it links through he list.
>
> There might be something in the newer libalias that does it more
> efficiently, but if you give it a go I think it will probably work.
>
> Regards, Frank.
>
>
Thank you for your feedback.
I will try to assemble the stand and test scripts to simulate the behavior of users.
--
Vladislav V. Prodan
System & Network Administrator
http://support.od.ua
+380 67 4584408, +380 99 4060508
VVP88-RIPE
More information about the freebsd-questions
mailing list