Re: IPNat Stops routing

Ok. I can toss this stuff in sysctl.conf. Does anyone know would this be correct in the sysctrl.conf? Do this numbers have to be multiple of 127?

ipf_nattable_sz=508


Looks like I am getting very slow to resolving this 8 months issue.
Thanks
Travis


>
> Ryan Beasley wrote:
> > Unlike the state table, there's no compiled limit on the
> > size of the NAT table. You're limited only by the amount
> > of memory available to the kernel.
>
> eh?
>
> (ronin)$ pwd
> /ronin/home0/jds/tools/ipf/ip_fil3.4.31
> (ronin)$ grep NAT_TABLE_SZ *
> ip_nat.c:u_int ipf_nattable_sz = NAT_TABLE_SZ;
> ip_nat.h:#ifndef NAT_TABLE_SZ
> ip_nat.h:# define NAT_TABLE_SZ 127
> ip_nat.h:#undef NAT_TABLE_SZ
> ip_nat.h:#define NAT_TABLE_SZ 16383
>
> note:
> NAT_TABLE_SZ = 16383 only when LARGE_NAT is defined; otherwise,
> NAT_TABLE_SZ = 127, which generally isn't enough.
>
> i'd say change NAT_TABLE_SZ and recompile. ps, under solaris
> you can change this parameter (and others) at boot time via
> /etc/system. for more info see my entry here:
> http://www.phildev.net/ipf/IPFsolaris.html#10
>
> there may be a similar way to do this under *bsd, ioctl perhaps?
>
> jim
>
>
>