Feature #2240
closed
Find interface subnets and static routes without the routing table in outbound NAT rule generation for reflection
0%
Description
While it is only done once during filter reload, I've been told that on systems with a large IPv4 routing table, getting a copy of the routing table can take some number of minutes. Instead of using the routing table, the various places where this info resides in the config should be aggregated and used instead for finding the information that is needed for generating the outbound NAT rules for reflection.
Updated by Erik Fonnesbeck almost 12 years ago
- Tracker changed from Todo to Feature
- Status changed from New to Feedback
- Target version set to 2.1
I can't change the status of "todo" type tickets for some reason, so I'm changing this one to "feature"
With these 3 commits it is working now without dumping a copy of the routing table. It doesn't support VPNs yet without manually creating outbound NAT rules, but then I don't think it ever really did in the first place even before these changes.
Updated by Chris Buechler over 11 years ago
- Status changed from Feedback to Resolved