Skip site navigation (1)Skip section navigation (2) 
Date:      7 May 2003 20:01:55 +0300
From:      veedee@c7.campus.utcluj.ro
To:        "Eric Anderson" <anderson@centtech.com>
Cc:        Clement Laforet <sheep.killer@cultdeadsheep.org>
Subject:   Re: NAT performance tweaks
Message-ID:  <20030507170155.GA13015@c7.campus.utcluj.ro>
In-Reply-To: <3EB922B7.2080002@centtech.com>
References:  <3EB67822.3070802@centtech.com> <20030505182756.093fb1c3.sheep.killer@cultdeadsheep.org> <3EB6A0BF.1040803@centtech.com> <20030506042044.GA84589@c7.campus.utcluj.ro> <3EB922B7.2080002@centtech.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Wed, May 07, 2003 at 10:13:59AM -0500, Eric Anderson wrote:
> veedee@c7.campus.utcluj.ro wrote:
> [..snip..]
> >If you have a large network behind your NAT server, defining LARGE_NAT in
> >src/contrib/ipfilter/ip_nat.h and src/sys/contrib/ipfilter/netinet/ip_nat.h
> >might help. Don't forget to recompile the kernel and ipfilter.
> >
> >Strange enough, I used to have huge pings (up to 80ms in a totally switched
> >gigabit network) after a few hours of utilization before fiddling with
> >LARGE_NAT.
> 
> What would you call a "large network"?

according to ip_nat.h...
---
#undef  LARGE_NAT       /* define this if you're setting up a system to NAT
                         * LARGE numbers of networks/hosts - i.e. in the
                         * hundreds or thousands.  In such a case, you should
                         * also change the RDR_SIZE and NAT_SIZE below to more
                         * appropriate sizes.  The figures below were used for
                         * a setup with 1000-2000 networks to NAT.
                         */
---

> 
> Is "LARGE_NAT" something that is able to be made into a sysctl tweak 
> (and if so, should it be?)?

Would certainly be nice to make it as a sysctl. It's a pain in the ass to
edit it manually everytime I cvsup. :/

> Eric
> 
> -- 
> ------------------------------------------------------------------
> Eric Anderson	   Systems Administrator      Centaur Technology
> Attitudes are contagious, is yours worth catching?
> ------------------------------------------------------------------
> 

-- 
| Radu Bogdan Rusu | Network Administrator @ campus.utcluj.ro |
| cvsup3.ro/www4.ro.freebsd.org maintainer |->5b736c616d215d<-|
| Faculty of Automation & Computer Science @ UTCluj , Romania |
|-------------------------------------------------------------|

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030507170155.GA13015>