Hacker News new | ask | show | jobs
by SolalPirelli 2867 days ago
The size of the flow table is configurable, and the NAT drops connections once the table is full. (Of course, the NAT also expires old connections)
1 comments
candiodari 2867 days ago
Interesting. Does it keep actively used connections open so as to maintain as much functionality as possible if it's under attack ?
link
SolalPirelli 2867 days ago
Yes, existing connections are kept as long as there is traffic often enough (in either direction) - the timeout is configurable.
link
loxias 2866 days ago
This is truly amazing work, I'm glad you chose Nat as your NF example. One minor question I haven't seen answered anywhere: For vignat, in the git repository and the paper, I see no mention of software license.

May I assume that it is in the public domain, or if not, BSD licensed?

link
SolalPirelli 2866 days ago
Good point. Will talk about it with the other authors. Thanks.
link