On Tue, 12 Jul 2011, Arno Schuring wrote: > NAT, by design, is unable to forward unknown packets. That is its only
That is slightly incorrect. It can forward unknown packets just fine, if you ask for the right type of NAT. Don't think the restricted cone NAT you get when you do many-to-one "Linux SNAT" is all there is to NAT. In fact, you can do _stateless_ 1:1 NAT just fine in Linux with a recent enough kernel and userspace, which by definition only deals with unknown packets since it doesn't do any connection tracking (or it wouldn't be stateless in the first place). -- "One disk to rule them all, One disk to find them. One disk to bring them all and in the darkness grind them. In the Land of Redmond where the shadows lie." -- The Silicon Valley Tarot Henrique Holschuh -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
