Date: Sun, 16 Mar 2008 17:03:17 +0100
From: Erik Trulsson
To: Wojciech Puchar
Cc: Razmig K, Dan Nelson, Ian Smith, freebsd-questions@freebsd.org
Subject: Re: IPFW with user-ppp's NAT

On Sun, Mar 16, 2008 at 04:37:18PM +0100, Wojciech Puchar wrote:
>> Frankly I'm a bit surprised that this hasn't been more widely heralded,
>> as userland natd is often given as a reason to prefer other firewalls,
>
> what's wrong in userland natd?

Performance. With userland natd, every packet that passes through natd
must pass from kernel to userland (causing one context switch) and back
again (causing another context switch). This will be slower and use more
CPU than doing it all inside the kernel, without any context switches.

-- 
Erik Trulsson
ertr1013@student.uu.se