Thread: Academic Question - DoS HIDE NAT table
View Single Post
  #5 (permalink)  
Old 2006-12-13
chillyjim chillyjim is offline
Senior Member
  
Join Date: 2005-08-29
Location: Upstate NY
Posts: 1,681
Rep Power: 5
chillyjim has an average reputation (10+)
Send a message via AIM to chillyjim Send a message via Skype™ to chillyjim
Default Re: Academic Question - DoS HIDE NAT table
Quote:
Originally Posted by fsanches View Post
Hi,

In theory (and practice) HIDE NAT has a capacity of 50.000 connections per server.
It is potentialy more than that in NGX. Check Point now hides based on src/dst and not just src anymore. So

1.2.3.4 going to 4.5.6.7 may be translated to 2.2.2.2:15000
1.2.3.5 going to 5.6.7.8 may also be translated to 2.2.2.2:15000 as could
1.2.3.4 going to 8.7.6.5
Reply With Quote