Date: Wed, 28 Jun 2000 08:05:14 -0400
From: "Troy Settle" <troy@picus.com>
To: "Evan Tsoukalas" <evan@sourcee.com>, <freebsd-questions@freebsd.org>
Subject: RE: NATd load question
Message-ID: <FCEELIAEIIECDGKKJLMIOEECCAAA.troy@picus.com>
In-Reply-To: <20000623120131.B14899@sourcee.com>

Evan,

I have ~230 systems behind an AMD K6-2/350 w/64MB. It's also the mail
server for all those people, and does some light web serving. Uptime on
this box is 455 days (since I put it into service), and has been 100%
maintenance free (except for adding/deleting users).

At another site, I deployed a 486/66 w/32MB to do NAT for about 50
workstations. It was also 100% reliable for the 3 months it was in
service. The customer hired their own IT person with Linux experience.
They replaced my NAT solution with a Linux box, and haven't been up for
more than 3 days at a time since.

Here's my IPFW rules:

00100 divert 8668 ip from any to any via ed1
00100 allow ip from any to any via lo0
00200 deny ip from any to 127.0.0.0/8
65535 allow ip from any to any

I don't know if they're optimal, but they seem to work well enough

HTH,

--
  Troy Settle
  Network Analyst
  Picus Communications
  540.633.6327

** -----Original Message-----
** From: owner-freebsd-questions@FreeBSD.ORG
** [mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of
** Evan Tsoukalas
** Sent: Friday, June 23, 2000 12:02 PM
** To: freebsd-questions@freebsd.org
** Subject: NATd load question
**
**
** Hello,
**
** I've been running natd on a -CURRENT FreeBSD box for several
** months now to share my cable modem between the four computers on
** my home network. It's been a rather painless experience, and even
** during fairly heavy server loads (make buildworld's), there isn't
** any real noticeable degradation in performance.
**
** I now need to look into a large scale natd implementation for
** work (250+ computers), so I went to the archives to see if
** someone had posted about a natd implementation of that size.
** After browsing through a lot of posts, I noticed that the question
** has come up several times, but I couldn't, for the life of me, find
** an answer.
**
** So, has anyone used natd for a 200+ computer network? If so,
** what did your hardware config look like? Any tips?
**
** Also, during my search, I saw a post in early April stating that
** the standard ipfw config for natd
**
** ipfw -q flush
** ipfw add 100 divert natd ip from any to any via $natd_interface
** ipfw add 200 allow ip from any to any
**
** places a lot of load on the server by sending local packets that
** don't need translation to the daemon anyway. Does anyone have
** any suggestions on how to do this better?
**
** Any help would be greatly appreciated.
**
** --
** Regards,
**
** Evan Tsoukalas
** Systems Administrator
** Source Electronics Corporation
** evan@sourcee.com
**
**
** To Unsubscribe: send mail to majordomo@FreeBSD.org
** with "unsubscribe freebsd-questions" in the body of the message
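
Added illustration, not part of either message: a simplified Python model of first-match evaluation for the ipfw syntax used in this thread, run over constructed packets, comparing how many firewall passes reach the divert rule when it is restricted by `via ed1` and when it is not. The inside interface name `ed0`, the sample addresses, and the resume-after-divert handling are assumptions of the model.

```python
import ipaddress

# Ruleset copied from Troy's message above.
RULES = """\
00100 divert 8668 ip from any to any via ed1
00100 allow ip from any to any via lo0
00200 deny ip from any to 127.0.0.0/8
65535 allow ip from any to any
"""
# Same ruleset with the interface restriction removed from the divert rule.
NO_VIA = RULES.replace(" via ed1", "")

# Constructed firewall passes: (src, dst, interface the packet is crossing).
PASSES = [
    ("192.168.1.20", "203.0.113.9", "ed0"),  # LAN host -> Internet, in on inside NIC
    ("192.168.1.20", "203.0.113.9", "ed1"),  # same packet, out on outside NIC
    ("192.168.1.20", "192.168.1.1", "ed0"),  # LAN host -> mail server on the gateway
    ("127.0.0.1", "127.0.0.1", "lo0"),       # loopback traffic
]

def parse(text):
    """Parse only the subset of ipfw rule syntax that appears in this thread."""
    rules = []
    for tok in (line.split() for line in text.splitlines() if line.strip()):
        i = tok.index("from")
        via = tok[tok.index("via") + 1] if "via" in tok else None
        rules.append((int(tok[0]), tok[1], tok[i + 1], tok[i + 3], via))
    return rules

def addr_match(spec, addr):
    return spec == "any" or ipaddress.ip_address(addr) in ipaddress.ip_network(spec)

def evaluate(rules, src, dst, iface):
    """One pass through the firewall; returns (final_action, was_diverted)."""
    diverted, resume_after = False, -1
    for num, action, rsrc, rdst, via in rules:
        if num <= resume_after or (via is not None and via != iface):
            continue
        if not (addr_match(rsrc, src) and addr_match(rdst, dst)):
            continue
        if action == "divert":
            # Model assumption: the packet returns from natd and continues
            # with rules numbered above the divert rule.
            diverted, resume_after = True, num
            continue
        return action, diverted
    return "deny", diverted

def divert_count(rule_text):
    rules = parse(rule_text)
    return sum(evaluate(rules, *p)[1] for p in PASSES)
```

In this model only the pass on `ed1` reaches the daemon under the posted rules, while every pass does once `via ed1` is dropped.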