From: Frank Leonhardt
Date: Wed, 29 Jan 2014 22:17:53 +0000
To: freebsd-questions@freebsd.org
Subject: Re: Necessary to implement static NAT 1:1
Message-ID: <52E97E11.9030300@fjl.co.uk>

On 29/01/2014 22:13, Michael Sierchio wrote:
> On Wed, Jan 29, 2014 at 2:10 PM, Joshua Smith wrote:
>> Just curious why one would use natd instead of the in kernel nat available as either part of ipfw or pf.
> Kernel nat for ipfirewall requires a custom kernel (GENERIC does not
> have LIBALIAS).
>

Although it's moot as I believe the kernel ends up with the same code (could be wrong), so it makes no difference to any limits. The kernel NAT is probably better as it handles hairpins whereas natd does not (or I've never been able to make it!)