From mboxrd@z Thu Jan 1 00:00:00 1970 From: Andrey A Mirtchovski To: 9fans@cse.psu.edu Subject: Re: [9fans] NAT vs /net In-Reply-To: <20010126024815.3C3A3199F1@mail.cse.psu.edu> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Date: Thu, 25 Jan 2001 23:20:59 -0600 Topicbox-Message-UUID: 5212b528-eac9-11e9-9e20-41e7f4b1d025 i guess lucho's question was more towards using p9 as a nat box from machines that have no possibility to 'import' /net (such as windows and linux boxen)... in this case nat is the only plan9 solution, no? On Thu, 25 Jan 2001 presotto@plan9.bell-labs.com wrote: > At its peak there were about 20 people importing our outside interface > to inside machines. After that we began trusting our path through the > firewall and switched to that in order to push on its harder. > > The cost of importing /net is one process on the server machine per > import plus about 5 extra copies of the data due to shoving it trhough > the extra machine plus an extra header per message on the inside net > plus a bunch of context switches you wouldn't need on a nat. > > The advantage is no need to worry about embedded addresses since > they would be 'real'. > > For a small network, 100 or so machines, I wouldn't bother with > a NAT box and just do the import. We're building a super-NAT > box for hiding networks the size of Lucent behind a Plan 9 > box. For that, the import surely wouldn't scale. >