Date:      Sat, 21 Oct 2006 22:13:18 -0600
From:      Brett Glass <brett@lariat.net>
To:        Julian Elischer <julian@elischer.org>
Cc:        net@freebsd.org
Subject:   Re: Avoiding natd overhead
Message-ID:  <200610220414.WAA15541@lariat.net>
In-Reply-To: <453AEA86.4070103@elischer.org>
References:  <200610210648.AAA01737@lariat.net> <453AEA86.4070103@elischer.org>

At 09:50 PM 10/21/2006, Julian Elischer wrote:

>one thing that you need to make sure of is that only the packets 
>that have potential of being of interest to natd are passed to natd.

I do. In fact, this is a capability I would lose if I used 
ipfilters or pf to do NAT, which is why I want to find a way to use 
a mechanism that's triggered by IPFW.

You were the person who invented "divert sockets," were you not? 
How hard would it be to create a mechanism (a sort of "kernel 
divert socket") so that kernel modules and/or netgraph nodes could 
do the same things which are now done by userland processes 
listening on divert sockets? This would boost the performance of 
any FreeBSD machine that did NAT (which many if not most do).

--Brett Glass




