Explain "Disable expansion of this entry into IPs on NAT lists"
-
There are virtually no results for "Disabled expansion of this entry into IPs on NAT lists" and it is not mentioned in the manual.
What exactly does this do in the context of a vIP of type "Other"?
-
If you select Network for your Address type, then that checkbox determines whether the NAT lists will hold just the network/mask alone, or if it adds each individual address in that network as a separate entry. I can't think of too many uses for it. Perhaps if you want to alias a subnet but need to make a few exceptions. The entire network is not suitable for that, but if its expanded then you could potentially remove a few entries? I'm not sure.
-
@KOM thanks for the explanation.
I think of a single use: if you add a very large subnet it could potentially crash the pfsense webserver when it tries to expand the list.
-
@pitchfork said in Explain "Disable expansion of this entry into IPs on NAT lists":
@KOM thanks for the explanation.
I think of a single use: if you add a very large subnet it could potentially crash the pfsense webserver when it ties to expand the list.
That's exactly it. You can still pick the subnet itself from the drop-down, but if you add, say, a /16 you don't really want thousands and thousands of entries in the drop-down list.