Hello there,
I just deployed simple private OpenVPN service by following instructions from:
https://www.digitalocean.com/commun...t-to-a-private-openvpn-server-on-freebsd-10-1
Well, everything seems to be fine ... except I observed that 'natd' process utilizes lots of CPU resources ..
After searching in the forum, I found that the most suggested case is to not using natd and use the ipfw nat instead.
Here it is my current rc.conf:
So, I'd like to confirm changing the config to below will do the job ?
The another question is what is the equivalent for natd_flags="-dynamic -m" in ipfw ?
I just deployed simple private OpenVPN service by following instructions from:
https://www.digitalocean.com/commun...t-to-a-private-openvpn-server-on-freebsd-10-1
Well, everything seems to be fine ... except I observed that 'natd' process utilizes lots of CPU resources ..
After searching in the forum, I found that the most suggested case is to not using natd and use the ipfw nat instead.
Here it is my current rc.conf:
Code:
firewall_enable="YES"
firewall_type="open"
gateway_enable="YES"
natd_enable="YES"
natd_interface="vtnet0"
natd_flags="-dynamic -m"So, I'd like to confirm changing the config to below will do the job ?
Code:
firewall_enable="YES"
firewall_type="open"
gateway_enable="YES"
firewall_nat_enable="YES"
firewall_nat_interface="vnet0"The another question is what is the equivalent for natd_flags="-dynamic -m" in ipfw ?