Date: Wed, 29 Jan 2014 22:17:53 +0000 From: Frank Leonhardt <frank2@fjl.co.uk> To: freebsd-questions@freebsd.org Subject: Re: Necessary to implement static NAT 1:1 Message-ID: <52E97E11.9030300@fjl.co.uk> In-Reply-To: <CAHu1Y73ojcVwG43zzc9bDgWiDehGiaP6ww_GDQYmXzhx_3STUA@mail.gmail.com> References: <B62507FE-80CF-4024-9C71-699E2BA02B76@gmail.com> <CAHu1Y73ojcVwG43zzc9bDgWiDehGiaP6ww_GDQYmXzhx_3STUA@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 29/01/2014 22:13, Michael Sierchio wrote: > On Wed, Jan 29, 2014 at 2:10 PM, Joshua Smith <juicewvu@gmail.com> wrote: >> Just curious why one would use natd instead of the in kernel nat available as either part of ipfw or pf. > Kernel nat for ipfirewall requires a custom kernel (GENERIC does not > have LIBALIAS). > > Although it's moot as I believe the kernel ends up with the same code (could be wrong), so it makes no difference to any limits. The kernel NAT is probably better as it handles hairpins whereas natd does not (or I've never been able to make it!)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?52E97E11.9030300>