Re: Masquerading - extending the timeout values

Brandon S. Allbery KF8NH (allbery@kf8nh.apk.net)
Fri, 04 Sep 1998 19:50:11 -0300

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Alon Ziv: "Re: Module Ideas: Persistence, PnP, and more..."
Previous message: Alon Ziv: "Re: Module Ideas: Persistence, PnP, and more..."
Maybe in reply to: Mark Lehrer: "Masquerading - extending the timeout values"

In message <19980904153548.A29455@sparky.nisa.net>, Jeff Bailey writes:
+-----
| /sbin/ipfwadm -Ms 7200 7200 7200
|
| I probably don't need the second value set as high, and I have had
| problems where I've filled up the masquerade table (I don't know how
| many entries it can take, but it seems to be in the thousands).
+--->8

I'm glad to hear that; I've bumped the UDP timeout on a gateway box behind
which sit thirty-odd boxes who expect to be able to reach the ECE AFS
servers despite being otherwise isolated from the world. (AFS servers don't
like it when the apparent client cache manager port changes on them. Or,
rather, they don't take notice of it; they keep using the original port, for
which the masquerading has lapsed when using the default timeout.)

-- brandon s. allbery [os/2][linux][solaris][japh] allbery@kf8nh.apk.net system administrator [WAY too many hats] allbery@ece.cmu.edu electrical and computer engineering KF8NH carnegie mellon university

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/faq.html

Next message: Alon Ziv: "Re: Module Ideas: Persistence, PnP, and more..."
Previous message: Alon Ziv: "Re: Module Ideas: Persistence, PnP, and more..."
Maybe in reply to: Mark Lehrer: "Masquerading - extending the timeout values"