[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] NAT limitation on NG
Title: Message I'm
speaking from my general knowledge of NAT/PAT rather than anything
Checkpoint-specific here, But theoretically, 64K is probably about the limit
based on a scenario where each private IP has a single connection (i.e., port
associated with the public address) to the outside world. No more ports =
no more talking.
Realistically, as a given private IP can open up several sessions at once
and consume multiple ports from that public IP, the number is going to be much
lower. How much lower? Don't know, but whatever it is it's
traffic-dependent.
|