I'm having an issue with NAT when multiple machines on the LAN ping multiple hosts on the WAN side at the same time. I've tested this on m0n0 1.0 and 1.1b16 and both exhibit this behavior.

My setup is this:

    linuxpc1: 172.16.0.200
    linuxpc2: 172.16.0.199
    LAN-m0n0: 172.16.0.1
    WAN-m0n0: 192.168.0.191

As far as m0n0wall configuration is concerned, it's pretty much vanilla. I set the devices, set the LAN IP and DHCP range and that's it.

On both the Linux boxes, I run

    fping -c 1 -w 1 ns1.google.com ns1.yahoo.com www.ingateusa.com

and sleep for 5 seconds. Basically they send simultaneous pings to three hosts once a second.

On the WAN side of the m0n0wall box, I've uploaded and run tcpdump via exec.php. Here's what it sees:

    02:08:43.250343 172.18.0.199 > ns1.google.com: icmp: echo request (DF)
    02:08:43.302480 172.18.0.199 > www.ingateusa.com: icmp: echo request (DF)
    02:08:43.302572 172.18.0.199 > ns1.yahoo.com: icmp: echo request (DF)
    02:08:47.915300 192.168.0.191 > ns1.google.com: icmp: echo request (DF)
    02:08:47.930059 192.168.0.191 > ns1.yahoo.com: icmp: echo request (DF)
    02:08:47.935127 ns1.google.com > 192.168.0.191: icmp: echo reply (DF)
    02:08:47.951580 ns1.yahoo.com > 192.168.0.191: icmp: echo reply (DF)
    02:08:47.973592 192.168.0.191 > www.ingateusa.com: icmp: echo request (DF)
    02:08:47.980707 172.18.0.200 > ns1.google.com: icmp: echo request (DF)
    02:08:47.991093 172.18.0.200 > ns1.yahoo.com: icmp: echo request (DF)

Note that some packets are not getting NATted? This seems to be a bug in FreeBSD, but I was wondering if anyone had any pointers on how to fix it?

Here are some references to one other guy who has seen this problem:

http://lists.freebsd.org/pipermail/freebsd-questions/2003-December/028933.html

Any advice?
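A check for the symptom reported above, as an added example that is not part of the original post: it scans WAN-side tcpdump text and flags echo requests whose source is an IP literal other than the WAN address. The WAN address in this setup is itself private, so the test is "not the WAN address" rather than "is RFC 1918"; the function names are hypothetical, and the capture lines are the ones from the post.

```python
import ipaddress
import re
from collections import Counter

WAN_ADDR = ipaddress.ip_address("192.168.0.191")  # WAN-m0n0 address from the post

# tcpdump lines copied from the post (WAN-side capture).
CAPTURE = """\
02:08:43.250343 172.18.0.199 > ns1.google.com: icmp: echo request (DF)
02:08:43.302480 172.18.0.199 > www.ingateusa.com: icmp: echo request (DF)
02:08:43.302572 172.18.0.199 > ns1.yahoo.com: icmp: echo request (DF)
02:08:47.915300 192.168.0.191 > ns1.google.com: icmp: echo request (DF)
02:08:47.930059 192.168.0.191 > ns1.yahoo.com: icmp: echo request (DF)
02:08:47.935127 ns1.google.com > 192.168.0.191: icmp: echo reply (DF)
02:08:47.951580 ns1.yahoo.com > 192.168.0.191: icmp: echo reply (DF)
02:08:47.973592 192.168.0.191 > www.ingateusa.com: icmp: echo request (DF)
02:08:47.980707 172.18.0.200 > ns1.google.com: icmp: echo request (DF)
02:08:47.991093 172.18.0.200 > ns1.yahoo.com: icmp: echo request (DF)
"""

LINE_RE = re.compile(
    r"^(\d\d:\d\d:\d\d\.\d+) (\S+) > (\S+): icmp: (echo request|echo reply)")

def find_untranslated(capture, wan_addr=WAN_ADDR):
    """Return (timestamp, src, dst) for each echo request seen on the WAN
    side whose source is an IP literal other than the WAN address."""
    leaks = []
    for line in capture.splitlines():
        m = LINE_RE.match(line.strip())
        if not m or m.group(4) != "echo request":
            continue  # replies and unrelated lines are not outbound requests
        ts, src, dst = m.group(1), m.group(2), m.group(3)
        try:
            src_ip = ipaddress.ip_address(src)
        except ValueError:
            continue  # assumption: a source printed as a hostname is a remote host
        if src_ip != wan_addr:
            leaks.append((ts, src, dst))
    return leaks

def summarize(leaks):
    """Count untranslated echo requests per leaking source address."""
    return Counter(src for _, src, _ in leaks)

if __name__ == "__main__":
    for ts, src, dst in find_untranslated(CAPTURE):
        print(f"{ts} untranslated source {src} -> {dst}")
    print(dict(summarize(find_untranslated(CAPTURE))))
```

Capturing with `tcpdump -n` keeps every address numeric, which removes the hostname assumption in the parser.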