Date: Mon, 20 May 1996 13:48:49 -0500 (CDT) From: Tony Kimball <alk@Think.COM> To: bmah@cs.berkeley.edu Cc: questions@FreeBSD.org Subject: Re: ip masquerading Message-ID: <199605201848.NAA16883@compound.Think.COM> In-Reply-To: <199605201537.IAA09391@premise.CS.Berkeley.EDU> (bmah@cs.berkeley.edu)
next in thread | previous in thread | raw e-mail | index | archive | help
Just a quick response to your points: From: bmah@cs.berkeley.edu (Bruce A. Mah) Date: Mon, 20 May 1996 08:37:53 -0700 3. Corollary to #2: "Because Linux does it" is not a really good reason to do something. Quite the contrary, actually;-? 1. It introduces hard state in the gateway machine. If the gateway goes down and comes back up, you lose all the connections through it. Note that some other approaches such as application-specific gateways have this problem too. To my knowledge no solution is proposed which does not. I think that an RFC on the subject is needed, frankly, to update requirements in a manner which removes the need for gateway state. This point is an argument against solving the problem, not against solving it by masquerade. 2. The Linux implementation ... This is not related to masquerade, however, merely to the Linux implementation. Since the Linux implementation will never run in FBSD, we seem safe on that point. 3. There already exist other methods for doing what IP masquerading does (for example SOCKs, application-specific gateways). Why does FreeBSD need another? Because they don't work. Masquerade works. At least for its applications. It seems to me that the folks who don't need masquerade don't care enough for them as do to advocate their plight adequately to the project. 4. It's not a general purpose solution (e.g. ICMP doesn't work, UDP support is a hack). For example, how would I ping outside my local network to track down problems? >From the masquerade host. ICMP works fine, to the network interface of the *system*. UDP is not a host requirement. Garrett has not spoken yet -- perhaps does not read "questions"? -- but I wonder what his reasons are. I suspect, from other discussion, that the point would be elegance of implementation.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199605201848.NAA16883>