Date: Mon, 8 Feb 2016 23:06:20 +0800 From: Julian Elischer <julian@freebsd.org> To: Alexey Roslyakov <free@oneex.me>, freebsd-net@freebsd.org Cc: Kiryanov Vassily <kvas@bf.pstu.ru> Subject: Re: Problem with ipfw, in-kernel NAT and port redirection to jails Message-ID: <56B8AEEC.3030904@freebsd.org> In-Reply-To: <56B897B1.7090007@oneex.me> References: <A88A7FED-B5DD-4B1E-96A4-AE1F3EAB8E30@0x89.net> <56B5A77B.2010108@oneex.me> <66-1856806937.20160208133039@bf.pstu.ru> <56B897B1.7090007@oneex.me>
next in thread | previous in thread | raw e-mail | index | archive | help
On 8/02/2016 9:27 PM, Alexey Roslyakov via freebsd-net wrote: > 08.02.2016 12:30, Kiryanov Vassily пишет: >> Hello Alexey, >> >> Thank you for this information, I have thoughts about using pf nat as >> an alternative way and your example will be useful for me. >> >> But Eugene Grosbein adviced me to turn off tso4 on network card >> underlaying my VLANs and it was enough to solve problem with port >> redirection. Without turning tso4 off ipfw + in-kernel NAT works >> fine but port redirection fails. >> > > Thank you. It's my mistake - was confused by home gateway, where > redirect_port worked perfectly (NIC without TSO support), and there > is a notice in section BUGS of ipfw(8) about incompatible libalias > and TSO. so why are you using libalias? I may have misread what you are doing but IP masquerading might work better. (ipfw fwd rule with local destination) > _______________________________________________ > freebsd-net@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?56B8AEEC.3030904>