15k users, BSD and some commodity hardware - let's NAT!

Kevin Wilcox

The NATYosef project went live in summer 2011. Our goal: to NAT and firewall fifteen thousand students on commodity hardware.

This will cover the evolution of the Appalachian State network, the issues that caused us to assign students private addresses, why our sixteen thousand public addresses weren't enough, the obstacles we have faced in our deployment, the lessons we've learned and some of the obstacles we have left to overcome.

The session is intended for those that need a stateful firewall without application-level inspection, those considering free Unix as a firewall and those considering moving their users to RFC-1918 private address space.

Users of all levels are encouraged to attend.


Experience level: 

Schedule info

Time slot: 
1 November 16:45 - 17:30
Breakout Room - G