SecureNAT modes?

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
chaoscreater
Posts: 12
Joined: Fri Jun 30, 2017 12:32 am

SecureNAT modes?

Post by chaoscreater » Tue Aug 14, 2018 12:09 am

I couldn't find any good documentations on this, so can someone confirm the difference between the modes? Correct me if I'm wrong:

- In User mode, the NAT delegates routing to the host OS. So based on the host OS routing tables - route print ?
Based on the above, how does kernel-mode and raw-IP mode route traffic?

- User mode NAT was first implemented, then later came kernel-mode and raw-IP mode. User mode has lower throughput than the other modes. User mode uses the TCP/IP stack of the VPN server host.

- Raw-IP mode is only available to Linux and uses the IP address of the VPN server host. You need to be able to prevent the host OS from responding to packets addressed to the virtual NAT, so a filter for blocking he response of the host OS iptables is needed. This apparently is only possible in Linux?

- Kernel mode uses Softether's built-in TCP/IP stack and local bridge.
But isn't Local Bridge separate to SecureNAT ??? Confused.

thisjun
Posts: 2458
Joined: Mon Feb 24, 2014 11:03 am

Re: SecureNAT modes?

Post by thisjun » Wed Sep 05, 2018 8:19 am

Do you check this page? (in Japanese)
https://ja.softether.org/4-docs/3-kb/VPNFAQ036

Post Reply