On Thu, 2008-05-22 at 12:06 -0600, Dr. Scott S. Jones wrote: > What then, about the design of so many routers, causes the connections, > whether ssh sessions or others to fail?
In order for NAT to work long-term you have to expire mappings that haven't been used in a while so that you can add new mappings to the table. Some probably do this based purely on available memory but most will expire mappings based on how long it's been since the last packet. Honestly it would be a better design to use available memory (and ports) as the indicator for when to expire an older mapping but most just have a timeout (or very small tables). /* PLUG: http://plug.org, #utah on irc.freenode.net Unsubscribe: http://plug.org/mailman/options/plug Don't fear the penguin. */
