status (Thursday soon)
Francis Dupont
fdupont at isc.org
Thu Mar 22 21:51:44 UTC 2012
> No need to reboot. iptables -t nat -F, regen the rules. less than < 1
> second overhead...
=> in fact I don't believe this kills the existing connection
(i.e., it doesn't perform a conntrack flush, of course you can
add a contrack flush to this :-)
> and totally devestating to all connections in use. But if that's what
> the spec needs? who needs ssh, or movies, to keep working?
=> this is about CGNs so inconvenience is the rule (:-).
Regards
Francis Dupont <fdupont at isc.org>
More information about the sdcpe-devel
mailing list