SecureNAT modes?
Posted: Tue Aug 14, 2018 12:09 am
I couldn't find any good documentations on this, so can someone confirm the difference between the modes? Correct me if I'm wrong:
- In User mode, the NAT delegates routing to the host OS. So based on the host OS routing tables - route print ?
Based on the above, how does kernel-mode and raw-IP mode route traffic?
- User mode NAT was first implemented, then later came kernel-mode and raw-IP mode. User mode has lower throughput than the other modes. User mode uses the TCP/IP stack of the VPN server host.
- Raw-IP mode is only available to Linux and uses the IP address of the VPN server host. You need to be able to prevent the host OS from responding to packets addressed to the virtual NAT, so a filter for blocking he response of the host OS iptables is needed. This apparently is only possible in Linux?
- Kernel mode uses Softether's built-in TCP/IP stack and local bridge.
But isn't Local Bridge separate to SecureNAT ??? Confused.
- In User mode, the NAT delegates routing to the host OS. So based on the host OS routing tables - route print ?
Based on the above, how does kernel-mode and raw-IP mode route traffic?
- User mode NAT was first implemented, then later came kernel-mode and raw-IP mode. User mode has lower throughput than the other modes. User mode uses the TCP/IP stack of the VPN server host.
- Raw-IP mode is only available to Linux and uses the IP address of the VPN server host. You need to be able to prevent the host OS from responding to packets addressed to the virtual NAT, so a filter for blocking he response of the host OS iptables is needed. This apparently is only possible in Linux?
- Kernel mode uses Softether's built-in TCP/IP stack and local bridge.
But isn't Local Bridge separate to SecureNAT ??? Confused.