From owner-freebsd-net Mon Sep 30 11:19:58 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 204A437B401 for ; Mon, 30 Sep 2002 11:19:56 -0700 (PDT) Received: from mailtoaster1.pipeline.ch (mailtoaster1.pipeline.ch [62.48.0.70]) by mx1.FreeBSD.org (Postfix) with SMTP id 8A4AC43E65 for ; Mon, 30 Sep 2002 11:19:54 -0700 (PDT) (envelope-from oppermann@pipeline.ch) Received: (qmail 30827 invoked from network); 30 Sep 2002 18:17:07 -0000 Received: from unknown (HELO pipeline.ch) ([62.48.0.53]) (envelope-sender ) by mailtoaster1.pipeline.ch (qmail-ldap-1.03) with SMTP for ; 30 Sep 2002 18:17:07 -0000 Message-ID: <3D989594.DA0D0497@pipeline.ch> Date: Mon, 30 Sep 2002 20:19:00 +0200 From: Andre Oppermann X-Mailer: Mozilla 4.76 [en] (Windows NT 5.0; U) X-Accept-Language: en MIME-Version: 1.0 To: Luigi Rizzo Cc: freebsd-net@FreeBSD.ORG, jeker@n-r-g.com Subject: Re: New natd available References: <3D9861CA.F3225DE7@pipeline.ch> <20020930103617.A4019@iguana.icir.org> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Luigi Rizzo wrote: > > Andre, > could you briefly comment how the new libalias+natd differ > (or are planned to differ) from the old one -- e.g. do > they implement keepalives, move-to-front of sessions in the > hash chains, fixe to known bugs in the old one ? The new one has a way more powerful configuration syntax and supports new modes like aliasing to more than one outside address. > One common complaint with the old libalias is that > performance tends to trash with time -- this seems to be > due to the very long timeout (24hrs ?) for sessions, coupled > to the fact that newly created sesssions are appended to > the end of the hash chains so over time the lookup times > tend to become larger and larger. This hasn't been fixed yet. > One easy fix to this behaviour is to move to the front of > the hash chain a session descriptor upon a successful lookup. > This keeps fresh sessions near the head of the chain while > stale ones drift towards the end. We'll do this. Could you have a more detailed look at the new natd maybe? -- Andre > thanks > luigi > > > Hello all > > > > In the FreeBSD May-June 2002 Status Report we have announced a natd > > rewrite to make it's configuration options more powerful and support > > more ip addresses to nat to. > > > > The first functional preview is available here: > > > > http://diehard.n-r-g.com/stuff/freebsd/ > > > > Please check this out and test it with real traffic. We'd appreciate > > any feedback about the syntax and any bugs. It'll get some more style > > treatment before declaring it for full public consumption. > > > > Next in row is the tcphostcache in a couple of days. After that the > > new routing table is coming. > > > > -- > > Andre > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-net" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message