From owner-freebsd-questions@FreeBSD.ORG Thu Jul 10 17:29:25 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3CED837B401 for ; Thu, 10 Jul 2003 17:29:25 -0700 (PDT) Received: from dsl-mail.kamp.net (mail.kamp-dsl.de [195.62.99.42]) by mx1.FreeBSD.org (Postfix) with SMTP id 0984D43F3F for ; Thu, 10 Jul 2003 17:29:24 -0700 (PDT) (envelope-from root@pukruppa.de) Received: (qmail 26883 invoked by uid 505); 11 Jul 2003 00:29:23 -0000 Received: from root@pukruppa.de by dsl-mail by uid 502 with qmail-scanner-1.14 (spamassassin: 2.43. Clear:. Processed in 0.174982 secs); 11 Jul 2003 00:29:23 -0000 Received: from unknown (HELO reverse-213-146-114-24.dialin.kamp-dsl.de) (213.146.114.24) by dsl-mail.kamp.net with SMTP; 11 Jul 2003 00:29:23 -0000 Date: Fri, 11 Jul 2003 02:36:31 +0200 (CEST) From: "P. U. Kruppa" To: Vulpes Velox In-Reply-To: <20030711182053.022b3292.kitbsdlists@HotPOP.com> Message-ID: <20030711023050.C15290@small.pukruppa.de> References: <200307101957.NAA01395@lariat.org> <20030710165545.L32209-100000@skippyii.compar.com> <20030711182053.022b3292.kitbsdlists@HotPOP.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: brett@lariat.org cc: questions@freebsd.org cc: Matthew Emmerton Subject: Re: Dead natd -> dead system X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Jul 2003 00:29:25 -0000 On Fri, 11 Jul 2003, Vulpes Velox wrote: > On Thu, 10 Jul 2003 16:56:12 -0400 (EDT) > Matthew Emmerton wrote: > > > On Thu, 10 Jul 2003, Brett Glass wrote: > > > > > While working with a FreeBSD system this afternoon, I did something which killed > > > natd (the NAT daemon), which was processing packets in the usual way via ipfw > > > and a divert socket. > > > > > > The result? Network communications on the system simply went dead. > > > > > > It seems to me that ipfw should be able to "self-heal" (that is, bypass the > > > rule) or reinvoke a daemon that's attached to a divert socket. Otherwise, > > > the process that's attached to the socket becomes an Achilles' heel for > > > the whole system. Crash it for any reason, and the system's offline. > > > > > > Ideas? > > > > Use kernel-mode IPNAT instead of user-mode natd? > > What is kernel-mode IPNAT? If you are using ppp to dial in, use the options -nat and -ddial That will keep your connection up 24h/day . Regards, Uli. > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" > +-----------------------------------+ | Peter Ulrich Kruppa | | - Wuppertal - | | Germany | +-----------------------------------+