netbsd-help: Re: ipnat -- first connection after DoD

Subject: Re: ipnat -- first connection after DoD
To: None <netbsd-help@netbsd.org>
From: Wolfgang Rupprecht <wolfgang@wsrcc.com>
List: netbsd-help
Date: 10/07/1999 02:33:19

ingolf@knuut.de (Ingolf Koch) writes:
> My firewall uses dial on demand and each time gets a
> different IP address from my provider. The problem
> is that if it dials because a connection is requested
> from my LAN via ipnat (on the firewall) to my provider,
> I usually have to restart the client which opened the
> connection or even have to wait for some (ipnat?) timeout.

This is how TCP works.  You can not change IP addresses after a TCP
connection has been opened. 

Dynamic addresses are a crock.  This is a good example of how they
will screw you.

-wolfgang
-- 
       Wolfgang Rupprecht <wolfgang+gnus@dailyplanet.wsrcc.com>
		    http://www.wsrcc.com/wolfgang/
DGPS signals via the Internet  http://www.wsrcc.com/wolfgang/gps/dgps-ip.html