Good catch on this guys. We should remember that most modern NAT is
PAT, or hybrid NAT+PAT. You should ask your ISP for more space to NAT
to (A NAT+PAT hybrid pool).
Cisco calls it overloading. Reminds me of a Soundgarden song.
~BAS
On Wed, 2007-06-13 at 12:03 +0100, Stuart Henderson wrote:
On 2007/06/13 12:01, Geraerts Andy wrote:
> >> Jun 13 11:05:01 spock /bsd: pf: NAT proxy port allocation (50001-65535)
> >> failed
> >>
> >> Can this be the cause of my errors?
>
> >Yes, you have run out of available ports to NAT from.
>
> >The straightforward answer is to NAT from a larger pool
>> Jun 13 11:05:01 spock /bsd: pf: NAT proxy port allocation (50001-65535)
>> failed
>>
>> Can this be the cause of my errors?
>Yes, you have run out of available ports to NAT from.
>The straightforward answer is to NAT from a larger pool of addresses
>i.e. nat ... -> { 1.1.1.1, 2.2.2.2, 3.3.3.0
On 2007/06/13 11:12, Geraerts Andy wrote:
> Brian,
>
> Despite the fact that I get tons of State Failures I see this strange message
> :
>
> Jun 13 11:05:01 spock /bsd: pf: NAT proxy port allocation (50001-65535)
> failed
>
> Can this be the cause of my errors?
Yes, you have run out of availabl
>> Jun 13 11:05:01 spock /bsd: pf: NAT proxy port allocation (50001-65535)
>> failed
>this almost sounds like you have something else which grabs these
>ports. do you, intentionally?
Well I can't find anything that could block it. There is no ftp daemon or ftp
proxy or whatever running on the bo
"Geraerts Andy" <[EMAIL PROTECTED]> writes:
> Jun 13 11:05:01 spock /bsd: pf: NAT proxy port allocation (50001-65535)
> failed
this almost sounds like you have something else which grabs these
ports. do you, intentionally?
--
Peter N. M. Hansteen, member of the first RFC 1149 implementation te
]
Verzonden: dinsdag 12 juni 2007 22:03
Aan: Geraerts Andy
CC: misc@openbsd.org
Onderwerp: RE: Sometime NAT, sometimes NOT?
pfctl -x loud && tail -f /var/log/messages
~BAS
On Mon, 11 Jun 2007, Geraerts Andy wrote:
>
>>> We have an OpenBSD firewall running for a while now.
Maybe try to check and possibly replace the interfaces involve as well as the
cables and
let us know if this issue still occur.
> pfctl -x loud && tail -f /var/log/messages
>
> ~BAS
>
> On Mon, 11 Jun 2007, Geraerts Andy wrote:
>
>>
We have an OpenBSD firewall running for a while now. Since
pfctl -x loud && tail -f /var/log/messages
~BAS
On Mon, 11 Jun 2007, Geraerts Andy wrote:
We have an OpenBSD firewall running for a while now. Since a few days we
encounter some sort of selective natting. I try to ping a host, I get reply,
and 2 minutes later I try to ping the same host a
>> We have an OpenBSD firewall running for a while now. Since a few days we
>> encounter some sort of selective natting. I try to ping a host, I get
reply,
>> and 2 minutes later I try to ping the same host and I dont get replies.
>So despite the state being created in both instances, you see a
On Fri, 8 Jun 2007, Geraerts Andy wrote:
We have an OpenBSD firewall running for a while now. Since a few days we
encounter some sort of selective natting. I try to ping a host, I get reply,
and 2 minutes later I try to ping the same host and I dont get replies.
So despite the state being c
We have an OpenBSD firewall running for a while now. Since a few days we
encounter some sort of selective natting. I try to ping a host, I get reply,
and 2 minutes later I try to ping the same host and I dont get replies.
Running tcpdump learned us that the packet isnt always being natted. This
12 matches
Mail list logo