Date: Mon, 12 Jan 2004 14:13:21 -0500 (EST)
From: Anthony Volodkin <anthonyv@brainlink.com>
To: Barney Wolff <barney@databus.com>
Cc: Andriy Korud <akorud@polynet.lviv.ua>
Subject: Re: NATD and available ports
Message-ID: <20040112141146.N51689-100000@superior.local.non-standard.net>
In-Reply-To: <20040112181853.GA20984@pit.databus.com>

Hey,

Just curious, but why do you need to use NAT with 2000 clients and that
many connections/traffic? Surely there might be another solution.

-Anthony

On Mon, 12 Jan 2004, Barney Wolff wrote:

> On Mon, Jan 12, 2004 at 05:45:39PM +0200, Andriy Korud wrote:
> > Hi.
> > I need to run nat box for ~2000 clients with up to 300.000 active connections.
> > ipnat doesn't handle such load, so I'm going to try natd - but worry that natd
> > will simply use all available outgoing ports and then crash.
> > I have 128 public IP's and in ipnat's configuration just map smaller blocks of
> > private IP's into certain public IP, but have no idea how can I do this using
> > natd.
>
> You can run multiple copies of natd, each one on its own divert socket.
> ipfw rules can decide which internal machines & which external addresses
> go to which divert socket.
>
> Performance may well be an issue, depending on bandwidth. Perhaps one
> NAT box per 100 client boxes would not be overkill - is adding 1% to
> the h/w budget unreasonable?
>
> --
> Barney Wolff http://www.databus.com/bwresume.pdf
> I'm available by contract or FT, in the NYC metro area or via the 'Net.
> _______________________________________________
> freebsd-net@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
>
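
The layout suggested in the quoted reply (several natd copies, each on its own divert socket, with ipfw rules choosing which internal block and which external address go to which socket), as an added example that is not part of the thread. It prints the commands rather than running them. The interface name `em0`, the private range 10.0.0.0/21 split into one /28 per public address, the public range 198.51.100.0/25, the rule numbers and the helper names `gen_nat_plan` and `conns_per_ip` are all assumptions.

```sh
#!/bin/sh
# Added example: emit one natd instance plus a pair of ipfw divert rules per
# public address. Addresses, interface and rule numbers below are assumed.
EXT_IF="em0"              # assumed external interface
PUB_PREFIX="198.51.100"   # assumed public /25 (documentation range)
PRIV_PREFIX="10.0"        # assumed private 10.0.0.0/21, one /28 per public IP
BASE_PORT=8668            # natd's default divert port; instance i gets BASE_PORT+i
BASE_RULE=1000            # assumed first ipfw rule number

# gen_nat_plan COUNT: print the natd command and the two ipfw rules for each
# of COUNT public addresses (COUNT <= 128 with the ranges assumed above).
gen_nat_plan() {
    count=$1
    i=0
    while [ "$i" -lt "$count" ]; do
        port=$((BASE_PORT + i))
        off=$((i * 16))                      # 16 private addresses per /28
        priv="$PRIV_PREFIX.$((off / 256)).$((off % 256))/28"
        pub="$PUB_PREFIX.$i"
        rule=$((BASE_RULE + i * 2))
        # One natd per public address, listening on its own divert port.
        echo "natd -port $port -alias_address $pub"
        # Outbound: this private block is diverted to that natd instance.
        echo "ipfw add $rule divert $port ip from $priv to any out via $EXT_IF"
        # Inbound: replies to the public address return to the same instance.
        echo "ipfw add $((rule + 1)) divert $port ip from any to $pub in via $EXT_IF"
        i=$((i + 1))
    done
}

# conns_per_ip TOTAL ADDRS: connections per public address if the load is
# spread evenly (rounded up); compare against the port space of one address.
conns_per_ip() {
    echo $(( ($1 + $2 - 1) / $2 ))
}

gen_nat_plan 2
echo "connections per public address: $(conns_per_ip 300000 128)"
```

With 128 public addresses this yields 128 natd processes and 256 ipfw rules; the even split of 300,000 connections is an estimate, since real clients will not load each block equally.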