[Dshield] Recommendation for home router
dshield at chrisbuechler.com
Mon Feb 20 22:20:51 GMT 2006
> I agree - the other variable is how many NAT sessions
> can the device handle "reliably". I have seen issues
> with NAT translations falling over. I am looking for a
> nice OpenSource package that would allow me to test
> the max NAT translations a router (this level) would
> carry before breaking down. Particularly interested in
> UDP NAT translations as these have stressed some
> routers I've worked with than TCP translations.
Wish I knew of something. I've looked and came up empty. If anybody
has any pointers, they'd be much appreciated!
As a poor man's test, I've setup a network on the WAN side of firewalls,
treated as the Internet, with a BitTorrent tracker and a couple machines
to seed a large BitTorrent file I created. Then put a couple machines
behind the firewall that access the seeds and tracker via NAT, and get
them downloading the torrent. The max throughput under those
circumstances is a pretty good indicator of the worst-case scenario
throughput of the firewall. And any flaky NAT device isn't going to
stand up to that kind of abuse.
Though that's TCP, not UDP. As a thought off the top of my head, maybe
some sort of DNS stress testing tool could be used across NAT in the
same type of private network setup to test UDP.
More information about the list