Date: Sun, 23 Sep 2007 17:49:48 +0200 From: Christer Hermansson <mail@chdevelopment.se> To: freebsd-net@freebsd.org Cc: randy@psg.com Subject: Re: nat and ipfw - divert or builtin Message-ID: <46F68B1C.6020303@chdevelopment.se> In-Reply-To: <46F5FF0A.7030203@psg.com> References: <46F5FF0A.7030203@psg.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Randy Bush wrote: > freebsd-current i386 / soekris > > i used to use ipfw to divert to natd. so, when i went to configure a > new nat box nat box today, i was 82.3% there when i hit a bunch of nat > stuff in ipfw that i do not remember seeing before. it appears that > ipfw will nat all on its own without natd and divert. > > what's the trade-off? which should i use? > I only have experience with ipdivert, but I got a tip in this mailing list about using ipnat with ipfw and also about this integrated variant so it seems to be at least 3 different ways to go for nat when running ipfw: divert ipnat ipfw's integrated nat I believe the integrated version makes configuration simpler. I would choose the old classic divert with ipfw if it is for a important network that must work, but if I was running -current I would try the integrated variant beacuse it seems to be simpler to use. -- Christer Hermansson
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?46F68B1C.6020303>