From owner-freebsd-net@FreeBSD.ORG Mon Sep 24 20:06:06 2007 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 1DC3416A417 for ; Mon, 24 Sep 2007 20:06:06 +0000 (UTC) (envelope-from randy@psg.com) Received: from rip.psg.com (rip.psg.com [147.28.0.39]) by mx1.freebsd.org (Postfix) with ESMTP id 0D02313C4B3 for ; Mon, 24 Sep 2007 20:06:05 +0000 (UTC) (envelope-from randy@psg.com) Received: from cust16202.lava.net ([64.65.95.74] helo=[192.168.0.101]) by rip.psg.com with esmtpsa (TLSv1:AES256-SHA:256) (Exim 4.67 (FreeBSD)) (envelope-from ) id 1IZuBw-0003uz-Al; Mon, 24 Sep 2007 20:06:04 +0000 Message-ID: <46F8189B.900@psg.com> Date: Mon, 24 Sep 2007 10:05:47 -1000 From: Randy Bush User-Agent: Thunderbird 2.0.0.6 (Windows/20070728) MIME-Version: 1.0 To: Christer Hermansson References: <46F5FF0A.7030203@psg.com> <46F68B1C.6020303@chdevelopment.se> In-Reply-To: <46F68B1C.6020303@chdevelopment.se> X-Enigmail-Version: 0.95.3 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org Subject: Re: Re: nat and ipfw - divert or builtin X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 24 Sep 2007 20:06:06 -0000 > divert > ipnat > ipfw's integrated nat > > I believe the integrated version makes configuration simpler. I would > choose the old classic divert with ipfw if it is for a important network > that must work, but if I was running -current I would try the integrated > variant beacuse it seems to be simpler to use. you seem to imply that you have reason to suspect that ipfw integrated nat might not be reliable, or at least not as reliable as divert+natd. any particular experiences or gossip to tell? randy