IPFW natd to ipfw nat

Anti_Evil

Member

Reaction score: 4
Messages: 75

Hello there,

I just deployed simple private OpenVPN service by following instructions from:
https://www.digitalocean.com/community/tutorials/how-to-configure-and-connect-to-a-private-openvpn-server-on-freebsd-10-1

Well, everything seems to be fine ... except I observed that 'natd' process utilizes lots of CPU resources ..

After searching in the forum, I found that the most suggested case is to not using natd and use the ipfw nat instead.

Here it is my current rc.conf:
Code:
firewall_enable="YES"
firewall_type="open"
gateway_enable="YES"
natd_enable="YES"
natd_interface="vtnet0"
natd_flags="-dynamic -m"
So, I'd like to confirm changing the config to below will do the job ?
Code:
firewall_enable="YES"
firewall_type="open"
gateway_enable="YES"
firewall_nat_enable="YES"
firewall_nat_interface="vnet0"
The another question is what is the equivalent for natd_flags="-dynamic -m" in ipfw ?
 

perkypork

Active Member

Reaction score: 28
Messages: 108

I have posted a number of IPFW kernel NAT instructions on the forums. Have a look at some of my posts.
 
Top