Date: Tue, 3 Apr 2001 21:48:57 -0700 From: "Kevan Olhausen" <kevan@solidnet.com> To: <questions@FreeBSD.ORG> Subject: ipchains and natd Message-ID: <NFBBLLFDMLANHLJIJNPAEEFDCAAA.kevan@solidnet.com> In-Reply-To: <bulk.65555.20010403134354@hub.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
I've been using ipchains on Linux for our buisness's firewall so I can masquerade the connections. I recently had the opportunity to change the OS to FreeBSD 4.2 so I set it up with natd and ipfw. The problem was that as soon as there were a few simultanious connections the natd process would start getting 15%-25% CPU time when I looked at top and the connections would eventually start to get slower the more connections there were. The hardware is a Pent II 166. ipchains didn't seem to have any kind of performance hit (because it's using the kernel, I think) but natd is a separate process and it appears to be more vulnerable. Any thoughts on if this is normal and is there any ipchains-type implementation on FreeBSD? Thanks! ------- Kevan Olhausen kolhausen@windermere.com Information Technologies To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?NFBBLLFDMLANHLJIJNPAEEFDCAAA.kevan>