As per the title really, I was reading that Tailscale sponsored a NAT Implementation in FreeBSD, which has made its way into pfSense - https://tailscale.com/blog/nat-traversal-improvements-pt-1#sponsoring-freebsds-endpoint-independent-nat-patch
This seems like a really useful compromise, which I imagine would be fairly popular.
For clarity I'm not seeking timelines or anything - I'm purely seeking clarity on whether its on the roadmap and/or whether any maintainers would be likely to be interested in implementing it in OPNsense?
Just replying to also voice my desire and support of this feature.
The Tailscale team has done some great work with this upstream in FreeBSD/pf with the FreeBSD Foundation's support. They called out OPNSense by name, so I do hope this makes its way in to OPNSense once it makes its way in to FreeBSD stable. From the looks of things, it is not yet there - see discussion in the review link below.
There appears to have also been an issue opened in the OPNSense repo asking for support of this, but it was auto-closed.
Links:- Review thread with (well, sort of) recent discussion: https://reviews.freebsd.org/D11137
- Parent bug: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=219803
- Project page for the work: https://www.freebsd.org/status/report-2024-07-2024-09/eim-nat/
- Tailscale blog post about the work as shared by TheDragon: https://www.freebsd.org/status/report-2024-07-2024-09/eim-nat/
- OPNSense GitHub issue asking for support of this feature: https://github.com/opnsense/core/issues/8384
Reading the reviews link it does not seem like that commit is in FreeBSD 14. Which means this will not hit the OPNsense kernel for a while if its not backported. So this looks more like it takes well into 2026-27 and FreeBSD 15 based OPNsense.