Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    NAT Reflection implementation for 1:1 NAT now in 2.0

    Scheduled Pinned Locked Moved
    2.0-RC Snapshot Feedback and Problems - RETIRED
    1
    1
    1.3k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • E
      Efonnes
      last edited by

      As of snapshot builds after this post, there is an NAT reflection implementation included for 1:1 NAT mappings.  It has a separate option in the same area as the other, and like the other it is not enabled by default.  If you want to test it out, enable it by unchecking the box, and let me know if there are any issues (either by posting here or filing a bug report).

      The implementation is different than the current implementation used for port forwards (though reflection on port forwards may use an updated version of this implementation in the future).  It should be more efficient in both CPU and RAM utilization since it is implemented entirely with pf rules, rather than having to use an external program, spawning a new process for each connection, in addition to still needing to forward the packets to that program in the first place.

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.