From owner-freebsd-performance@FreeBSD.ORG Wed May 7 10:01:58 2003 Return-Path: Delivered-To: freebsd-performance@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8DAC637B401 for ; Wed, 7 May 2003 10:01:58 -0700 (PDT) Received: from c7.campus.utcluj.ro (c7.campus.utcluj.ro [193.226.6.226]) by mx1.FreeBSD.org (Postfix) with SMTP id 4FD2D43F75 for ; Wed, 7 May 2003 10:01:57 -0700 (PDT) (envelope-from veedee@c7.campus.utcluj.ro) Received: (qmail 13143 invoked by uid 1008); 7 May 2003 17:01:56 -0000 Date: 7 May 2003 20:01:55 +0300 Message-ID: <20030507170155.GA13015@c7.campus.utcluj.ro> From: veedee@c7.campus.utcluj.ro To: "Eric Anderson" References: <3EB67822.3070802@centtech.com> <20030505182756.093fb1c3.sheep.killer@cultdeadsheep.org> <3EB6A0BF.1040803@centtech.com> <20030506042044.GA84589@c7.campus.utcluj.ro> <3EB922B7.2080002@centtech.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <3EB922B7.2080002@centtech.com> cc: freebsd-performance@freebsd.org cc: Clement Laforet Subject: Re: NAT performance tweaks X-BeenThere: freebsd-performance@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Performance/tuning List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 07 May 2003 17:01:58 -0000 On Wed, May 07, 2003 at 10:13:59AM -0500, Eric Anderson wrote: > veedee@c7.campus.utcluj.ro wrote: > [..snip..] > >If you have a large network behind your NAT server, defining LARGE_NAT in > >src/contrib/ipfilter/ip_nat.h and src/sys/contrib/ipfilter/netinet/ip_nat.h > >might help. Don't forget to recompile the kernel and ipfilter. > > > >Strange enough, I used to have huge pings (up to 80ms in a totally switched > >gigabit network) after a few hours of utilization before fiddling with > >LARGE_NAT. > > What would you call a "large network"? according to ip_nat.h... --- #undef LARGE_NAT /* define this if you're setting up a system to NAT * LARGE numbers of networks/hosts - i.e. in the * hundreds or thousands. In such a case, you should * also change the RDR_SIZE and NAT_SIZE below to more * appropriate sizes. The figures below were used for * a setup with 1000-2000 networks to NAT. */ --- > > Is "LARGE_NAT" something that is able to be made into a sysctl tweak > (and if so, should it be?)? Would certainly be nice to make it as a sysctl. It's a pain in the ass to edit it manually everytime I cvsup. :/ > Eric > > -- > ------------------------------------------------------------------ > Eric Anderson Systems Administrator Centaur Technology > Attitudes are contagious, is yours worth catching? > ------------------------------------------------------------------ > -- | Radu Bogdan Rusu | Network Administrator @ campus.utcluj.ro | | cvsup3.ro/www4.ro.freebsd.org maintainer |->5b736c616d215d<-| | Faculty of Automation & Computer Science @ UTCluj , Romania | |-------------------------------------------------------------|