From owner-freebsd-net@FreeBSD.ORG  Wed May  3 11:06:32 2006
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
X-Original-To: freebsd-net@freebsd.org
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 9FB4316A400
	for <freebsd-net@freebsd.org>; Wed,  3 May 2006 11:06:32 +0000 (UTC)
	(envelope-from tbyte@otel.net)
Received: from mail.otel.net (gw3.OTEL.net [212.36.8.151])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 3CB1143D49
	for <freebsd-net@freebsd.org>; Wed,  3 May 2006 11:06:32 +0000 (GMT)
	(envelope-from tbyte@otel.net)
Received: from dragon.otel.net ([212.36.8.135])
	by mail.otel.net with esmtp (Exim 4.60 (FreeBSD))
	(envelope-from <tbyte@otel.net>)
	id 1FbFBe-000Hz1-J8; Wed, 03 May 2006 14:06:31 +0300
From: Iasen Kostov <tbyte@otel.net>
To: Scott Ullrich <sullrich@gmail.com>
In-Reply-To: <d5992baf0605020904p26581d87q63e8c9ad6247d71b@mail.gmail.com>
References: <20060430135702.GA48117@tin.it>
	<1146569915.79123.9.camel@DraGoN.OTEL.net>
	<d5992baf0605020904p26581d87q63e8c9ad6247d71b@mail.gmail.com>
Content-Type: text/plain
Date: Wed, 03 May 2006 14:06:30 +0300
Message-Id: <1146654390.30275.12.camel@DraGoN.OTEL.net>
Mime-Version: 1.0
X-Mailer: Evolution 2.6.1 FreeBSD GNOME Team Port 
Content-Transfer-Encoding: 7bit
Cc: FreeBSD_Net <freebsd-net@freebsd.org>
Subject: Re: [6.x patchset] Ipfw nat and libalias modules
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 03 May 2006 11:06:32 -0000

On Tue, 2006-05-02 at 12:04 -0400, Scott Ullrich wrote:
> On 5/2/06, Iasen Kostov <tbyte@otel.net> wrote:
> [snip]
> > Btw what is the status of the multi-session to the same
> > point PPTP NAT (e.g call ID tracking) ?
> 
> PF's NAT has the same problem.   We have this come up quite often on
> pfSense where someone wants to make multiple connections through the
> firewall to a target PPTP server.   After the first connection PF
> seems to loose track of the (what your calling ID tracking I suppose)
> in GRE and then no new connections can be created to that particular
> PPTP server.  Works fine if the second person connects to a different
> server however.

	Yep but corporate clients tend to connect to the same server :).
I've asked this question becouse I've wrote a pptp load balancer some
time in the past and could possibly use it as start point for pptp nat
(because the balancer was doing exactly this tracking of the call IDs
for the connections to the pptp servers were comming from the same IP of
the balancer's machine and there were multiple connections).