Re: IP masquerade limits?

Rogier Wolff (R.E.Wolff@BitWizard.nl)
Sun, 12 Jul 1998 23:34:31 +0200 (MET DST)


Rik van Riel wrote:
>
> On Thu, 9 Jul 1998, Larry McVoy wrote:
>
> > Does anyone have any experience on the maximum number of hosts that can
> > be masqueraded with one machine? Assuming that you don't run out of CPU
> >
> > Given 60K ports or so, if you assume everyone is netscaping away, seems
> > like the limit is probably somewhere in the 5K active users range. Am I
> > even close?
>
> I believe that TCP connections are identified by the port
> numbers of both hosts. This means you can open an ftp (21)
> connection to ftp.funet.fi at the same time I am.
>
> This would give you 60k**2 = 3600M possible connections

Besides the IP address also factoring in, the problem could very well
be that the masquerading code considers a port "in use" once someone
uses it for masquerading.... Sure it could start reusing ports as soon
as the range is "full" and no conflicts are found (i.e. connected to
same IP/prot), but that would make the demultiplexing more difficult
(not implemented).

Roger.

-- 
Actor asks a colleague: "To what do you owe your success in acting?"
Answer: "Honesty. Once you've learned how to fake that, you've got it made."
-------- Custom Linux device drivers for sale! Call for a quote. ----------
Email: R.E.Wolff@BitWizard.nl || Tel: +31-15-2137555 || FAX: +31-15-2138217
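
The distinction drawn in this thread, as an added example that is not part of the original message and is not the kernel's masquerading code: a toy table in C that either treats a masquerade port as taken once any flow holds it, or reuses it when the remote endpoint differs and demultiplexes replies on the full (port, remote address, remote port) key. All names, the 4-port range and the addresses are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#define PORT_BASE 61000u  /* constructed 4-port range so exhaustion is visible */
#define NPORTS    4u
#define MAXFLOWS  64
struct flow { uint16_t mport; uint32_t raddr; uint16_t rport;  /* demux key */
              uint32_t iaddr; uint16_t iport; };               /* inside host */
struct masq { struct flow f[MAXFLOWS]; int n; int reuse; };

/* Inbound demux on (masq port, remote addr, remote port), not the port alone. */
const struct flow *masq_in(const struct masq *m, uint16_t p, uint32_t ra, uint16_t rp)
{
    for (int i = 0; i < m->n; i++)
        if (m->f[i].mport == p && m->f[i].raddr == ra && m->f[i].rport == rp)
            return &m->f[i];
    return NULL;
}

/* Nonzero if port p cannot be given to a new flow towards remote (ra, rp). */
static int port_busy(const struct masq *m, uint16_t p, uint32_t ra, uint16_t rp)
{
    if (m->reuse)                    /* busy only for the same remote endpoint */
        return masq_in(m, p, ra, rp) != NULL;
    for (int i = 0; i < m->n; i++)   /* "in use" once any flow holds it */
        if (m->f[i].mport == p) return 1;
    return 0;
}

/* Outbound: pick a masq port for inside (ia, ip) -> remote (ra, rp); 0 if none. */
uint16_t masq_out(struct masq *m, uint32_t ia, uint16_t ip, uint32_t ra, uint16_t rp)
{
    for (uint32_t p = PORT_BASE; m->n < MAXFLOWS && p < PORT_BASE + NPORTS; p++)
        if (!port_busy(m, (uint16_t)p, ra, rp)) {
            m->f[m->n++] = (struct flow){ (uint16_t)p, ra, rp, ia, ip };
            return (uint16_t)p;
        }
    return 0;
}

/* 16 inside hosts (10.0.0.x) open FTP to ndest remotes; count admitted flows. */
int admitted(int reuse, uint32_t ndest)
{
    struct masq m = { .n = 0, .reuse = reuse };
    int ok = 0;
    for (uint32_t h = 0; h < 16; h++)
        ok += masq_out(&m, 0x0a000001u + h, 1025, 0xc6336400u + h % ndest, 21) != 0;
    return ok;
}
int main(void) { printf("%d %d %d\n", admitted(0, 4), admitted(1, 4), admitted(1, 1)); return 0; }
```

With four ports, the first policy admits 4 of the 16 flows; the reuse policy admits all 16 when they are spread over four remotes, and 4 when every host talks to the same remote.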
