Subject: weird ipnat problem (on ancient 1.4U)
To: None <>
From: Herb Peyerl <>
List: tech-net
Date: 01/06/2005 10:27:42
so, this is a little weird and I'm probably going to receive a lot of 
"upgrade" advice... I'm also not entirely clear whether this is the 
right place to put this ....

On with it...

So I have a NetBSD/i386 firewall in front of a webserver/oracle 
server/java box/etc ... I have port 80 rdr'd from the external 
interface to the port 80 on the internal apache server... This has been 
running this way happily for 4 or 5 years generally hovering around 
7000 RDR's in the table ...

Recently, as in, since about the middle of december, I've noticed that 
the number of RDR's in the table are increasing... as in, they never 
seem to get expired away... This is a fairly recent phenomena ...

I can't imagine what's changed... I haven't rebooted the machine in 
over a year and it typically has uptimes of 2-3 years... But now, every 
few days, I have to flush the NAT tables...

Here's a graph that shows the behavior:

Anyone got any ideas?  Did something fundamental change in the world of 
http that would be causing this?  There's no significant occurences of 
any groups of IP addresses or anything ....

I do intend to upgrade the machine in a few weeks, but I'm afraid that 
the problem will remain ...