Date: Fri, 12 Sep 1997 10:51:17 -0700 (PDT) From: Richard Hodges <rh@alpine.net> To: lashby@texramp.net Cc: freebsd-isp@FreeBSD.ORG Subject: Re: NAT for dialups? Message-ID: <Pine.BSF.3.91.970912101757.28083E-100000@oak.alpine.net> In-Reply-To: <199709121624.LAA02176@host1.texramp.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 12 Sep 1997 lashby@texramp.net wrote: > After filling out Yet Another Justification for more IP space, I'm > looking for ways to squeeze our current utilization even tighter. > One possibility I've been thinking about is installing a FreeBSD > server with natd and two NIC's on our network and putting most of our > dialup terminal servers behind it. Any customer who's being assigned > a dynamic IP would be given a number from a hunt group connected to > one of those termservers, and their address would be assigned out of > the 10.x.x.x space. Web surfing and email should work fine, but > what about other services, such as IRC, ICQ, whatever. I did a quick test with ether/ether on a 486/100 with 2.2.2 It worked surprisingly well. I tested web, ftp, irc, news, realaudio, and MS file & print services. FTP pooped out around 400K/second, about half what it should be (CPU utilization: around 30%), but normal web browsing seemed as good (or better!) than before. > Would this cause a problem with backtracking a problem user > through DNS? Sure. All the connections would appear to originate from your NAT computer. On the other hand, it would be more difficult for someone on the internet to launch an attack on one of your customers. You get some primitive firewall protection for free. All the best, -Richard -------------------------------------------- Richard Hodges | (702) 888-3000 Alpine Internet | 400 Fairview Drive rh@alpine.net | Carson City, NV 89701 member, ISP/C
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.91.970912101757.28083E-100000>