4 Jul
2003
4 Jul
'03
2:04 p.m.
On Thu, Jul 03, 2003 at 06:00:03PM +0000, jan@tegtmeier.de wrote:
Balazs Scheidler wrote:
NAT _is_ needed as redirection is implemented using NAT. TCP sessions are conntracked and this have to be so.
Yes, of course. I only worried about the overhead of the double-conntracking and did not think to the end, that it is really needed twice ;-(.
apart from the kernel memory load, it should not cause real problems if you double the conntrack hash size (ip_conntrack module parameter) -- Bazsi PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1