From owner-freebsd-questions Tue Apr 17 17:11:36 2001 Delivered-To: freebsd-questions@freebsd.org Received: from mta5.snfc21.pbi.net (mta5.snfc21.pbi.net [206.13.28.241]) by hub.freebsd.org (Postfix) with ESMTP id 4306637B424 for ; Tue, 17 Apr 2001 17:11:32 -0700 (PDT) (envelope-from john@timogen.com) Received: from timogen.com ([64.167.116.118]) by mta5.snfc21.pbi.net (Sun Internet Mail Server sims.3.5.2000.01.05.12.18.p9) with ESMTP id <0GBY0037JOHLU1@mta5.snfc21.pbi.net> for questions@FreeBSD.org; Tue, 17 Apr 2001 17:10:33 -0700 (PDT) Date: Tue, 17 Apr 2001 17:13:56 -0700 From: John Calderon Subject: question regarding ipfilter and slow response times To: questions@FreeBSD.org Reply-To: john@timogen.com Message-id: <3ADCDC44.BAA5B3F0@timogen.com> MIME-version: 1.0 X-Mailer: Mozilla 4.75 [en] (Windows NT 5.0; U) Content-type: text/plain; charset=us-ascii Content-transfer-encoding: 7bit X-Accept-Language: en Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG I have a gw/fw/nat machine that is logging icmp/tcp requests but is serious lagging the return reply. a simple ping takes 800007.4ms but on the gw itself it shows it recieves it real-time. I am not blocking anything and letting everything thru ( just to find out the lowest common denominator) and it recieves a ack packet but doesn't forward that to the host behind my gw/fw any body run into the same problem 17/04/2001 15:44:43.947702 dc0 @0:4 p 192.168.200.2,1117 -> 206.13.28.12,53 PR udp len 20 18432 IN 17/04/2001 15:44:43.947744 fxp0 @0:6 p 192.168.200.2,1117 -> 206.13.28.12,53 PR udp len 20 18432 K-S OUT 17/04/2001 15:44:44.947386 dc0 @0:4 p 192.168.200.2 -> 192.168.200.1 PR icmp len 20 21504 icmp 8/0 IN 17/04/2001 15:44:44.947425 dc0 @0:5 p 192.168.100.7 -> 192.168.200.2 PR icmp len 20 21504 icmp 0/0 K-S OUT 17/04/2001 15:44:45.947408 dc0 @0:4 p 192.168.200.2 -> 192.168.200.1 PR icmp len 20 21504 icmp 8/0 IN 17/04/2001 15:44:45.947449 dc0 @0:5 p 192.168.100.7 -> 192.168.200.2 PR icmp len 20 21504 icmp 0/0 K-S OUT 17/04/2001 15:44:46.947398 dc0 @0:4 p 192.168.200.2 -> 192.168.200.1 PR icmp len 20 21504 icmp 8/0 IN 17/04/2001 15:44:46.947444 dc0 @0:5 p 192.168.100.7 -> 192.168.200.2 PR icmp len 20 21504 icmp 0/0 K-S OUT 17/04/2001 15:44:47.947425 dc0 @0:4 p 192.168.200.2 -> 192.168.200.1 PR icmp len 20 21504 icmp 8/0 IN 17/04/2001 15:44:47.947467 dc0 @0:5 p 192.168.100.7 -> 192.168.200.2 PR icmp len 20 21504 icmp 0/0 K-S OUT snippet from my logs. if you would like more info go ahead let me know network looks like this Internet ---- PUBLICIP 192.168.100.254--------192.168.100.7 192.168.200.1 ------- 192.168.200.2 the .2 address goes thru the .1 ( then NAT works ) then connects to the .7 any help is appreciated. john To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message