Subject: RE: getting ipnat working
To: James Wetterau <firstname.lastname@example.org>
From: Mike Pelley <email@example.com>
Date: 11/30/1999 18:54:23
> Despite specifying in my rc.conf that both ipfilter and
> ipnat are "YES", I still had to use sysctl to get ipnat
> going after rebooting.
So far as I understand, the kernel options IPFORWARDING=1 and GATEWAY will
both turn on ipforwarding (so no sysctl is required), and GATEWAY also
increases the size of NMBCLUSTERS on most ports. I imagine ipforwarding is
not on by default in GENERIC because it is a bit safer to avoid forwarding
packets between interfaces as soon as the box is brought up. Better the
installer/admin enables it explicitly (say, by compiling his own kernel).
However, so far as I understand, source routed packets ARE routed through
the GENERIC kernel by default, and controlled by the IPFORWSRCRT option (or
the matching sysctl).