From owner-freebsd-net@FreeBSD.ORG Tue May 2 16:24:29 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2EB9416A459 for ; Tue, 2 May 2006 16:24:29 +0000 (UTC) (envelope-from flag@newluxor.wired.org) Received: from mail.oltrelinux.com (krisma.oltrelinux.com [194.242.226.43]) by mx1.FreeBSD.org (Postfix) with ESMTP id A463943D6E for ; Tue, 2 May 2006 16:24:23 +0000 (GMT) (envelope-from flag@newluxor.wired.org) Received: from newluxor.wired.org (ip-89-202.sn2.eutelia.it [83.211.89.202]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.oltrelinux.com (Postfix) with ESMTP id 7CE7B11AEAF; Tue, 2 May 2006 18:24:16 +0200 (CEST) Received: from newluxor.wired.org (localhost [127.0.0.1]) by newluxor.wired.org (8.13.6/8.13.6) with ESMTP id k42GO6v8003671; Tue, 2 May 2006 18:24:06 +0200 (CEST) (envelope-from flag@newluxor.wired.org) Received: (from flag@localhost) by newluxor.wired.org (8.13.6/8.13.6/Submit) id k42GO6tl003670; Tue, 2 May 2006 18:24:06 +0200 (CEST) (envelope-from flag) Date: Tue, 2 May 2006 18:24:06 +0200 From: Paolo Pisati To: Iasen Kostov Message-ID: <20060502162406.GA3596@tin.it> References: <20060430135702.GA48117@tin.it> <1146569915.79123.9.camel@DraGoN.OTEL.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1146569915.79123.9.camel@DraGoN.OTEL.net> User-Agent: Mutt/1.4.2.1i X-Virus-Scanned: by amavisd-new-20030616-p10 (Debian) at krisma.oltrelinux.com Cc: FreeBSD_Net Subject: Re: [6.x patchset] Ipfw nat and libalias modules X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 02 May 2006 16:24:29 -0000 On Tue, May 02, 2006 at 02:38:35PM +0300, Iasen Kostov wrote: > Have you done any performace comparisons with pf's NAT ? I realy would > prefer libalias based kernel NAT than pf because libalias works better > with ftp, irc dcc and things like that (VoIP would be nice too :P ). So > the only reason I've not put it in production is because its to new and > untested but as soon as I upgrade mine home to 6.x router I'll test it > more extensivly. no performance comparison (at least not yet), but i don't expect NAT to be a real bottleneck. Anyway, if we find it's dead slow, i'll fix it :) > Btw what is the status of the multi-session to the same > point PPTP NAT (e.g call ID tracking) ? i didn't modify the protocol specific nat support, so it's just like with natd. btw a brave guy (Hi Patrick! :) switched 4 boxes (i386 and amd64, UP and SMP) from natd to ipfw's nat and everything went smooth, except for a little bug that i'm tracking down... sounds good to me! :) bye -- Paolo "le influenze esterne sono troppe, il mondo reale non e' mica quello fatato dei komunisti :-p" - Anonymous Lumbard