Overview

Fast Path NAT provides Network Address Translation in the fast path.

To ensure maximal performance, this module implements simple functions based on information found in the shared memory.

If the module cannot find in the shared memory the relevant information based on L3, L4, and L5 headers, the fast path raises an exception.

In accordance with configured filter rules with higher priorities, this exception:

• interacts with other 6WINDGate entities, or,

• sends the packet to Linux networking stack

• drops the packet for security reasons.

The connection tracking establishment and the ALG are managed by the Linux networking stack thanks to the exception mechanism.

Features

• Static and dynamic NAT/PAT

• Connection tracking and ALG (Linux-based)

Dependencies

6WINDGate modules

• Fast Path Filtering IPv4

Linux

• Netfilter: create audit records for x_tables replaces is a kernel patch (upstream 3.9)

  http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fbabf31e4d482149b5e

• RPF netfilter export xt_rpfilter.h to userland is a kernel patch (upstream 3.12)

  http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f0c03956ac40fdc4fb