Hello, I have a router with several interfaces, in particular ex0, which has a public address, and fxp0, with a private address. Production servers are on ex0, and fxp0 is used to link the (NetBSD 2.0.2) router to a cisco router managed by the ISP, which doesn't translate anything (it's a simple KISS router). The point is that I have such rules in my ipnat configuration : map fxp0 172.16.0.0/16 -> 84.96.34.158/32 etc..
I use the public address of ex0 when packets go out through fxp0. This works. However, I have lots of problems with the state table. The default 4013 limit is reached really fast (less than 6 hours sometimes), though ipfstat -sl only shows less than a thousand state entries (one less than the number of buckets used). Is it a know problem, is it linked in any way ? Thanks for your answers. -- Richard Braun
pgpRZkKhooQnK.pgp
Description: PGP signature
