From owner-freebsd-net Fri Feb 8 2:45: 1 2002 Delivered-To: freebsd-net@freebsd.org Received: from vic.inty.net (vic.inty.net [213.38.150.164]) by hub.freebsd.org (Postfix) with ESMTP id 32B2637B41D for ; Fri, 8 Feb 2002 02:44:56 -0800 (PST) Received: from inty.hq.inty.net ([213.38.150.161]) by vic.inty.net (8.11.3/8.11.3) with ESMTP id g18Aim514931 for ; Fri, 8 Feb 2002 10:44:48 GMT Received: from tariq ([10.0.1.156]) by inty.hq.inty.net (8.12.1/8.12.1) with SMTP id g18Ail3a004021 for ; Fri, 8 Feb 2002 10:44:48 GMT From: "Tariq Rashid" To: Subject: RE: squeeze more performance out of natd? - tests ... Date: Fri, 8 Feb 2002 10:47:26 -0000 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 In-Reply-To: <004701c1b01e$7039d3f0$361c1a09@gsicomp.on.ca> X-Sender-IP: 10.0.1.156 X-INT-DeliveryDone: g18Ail3a004021 X-suppress-rcpt-virus-notify: yes X-Skip-Virus-Check: yes X-Virus-Checked: 38385 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org well - i've performed some tests through natd on a test net to see what causes the CPU load to shoot up on out production boxes. i found the following uinteresting: * using natd with the -nonat option still has the "context switch" problem. the throughput is not much better than with nat on. killing nat and bypassing diverts increases throughput significanctly. * the above tests (netperf, netperf with a a 50MB binary ftp going) does not cause natd to load the CPU significantly. i'll try the following to try to see if the load the CPU: * i'll try multiple tcp sessions... * try multiple NAT sources... ps - I can't use ipf/ipnat as it would mean a rewrite of lots of production software. stuck with a bad situation i know. Thanks for the suggestiosn so far. t -----Original Message----- From: owner-freebsd-net@FreeBSD.ORG [mailto:owner-freebsd-net@FreeBSD.ORG]On Behalf Of Matthew Emmerton Sent: 07 February 2002 21:29 To: Tariq Rashid; freebsd-net@FreeBSD.ORG Subject: Re: squeeze more performance out of natd? > i've spent a good number of hours RTFMs, trying to make the best of a bad > situtaion: userland natd instead of kernel-space nat. I've been told that if you use ipf and ipnat, then you get the benefit of kernel-space NAT. Have you investigated this to see how it compares to natd/ipfw for your purposes? -- Matt Emmerton To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message intY has automatically scanned this email with Sophos Anti-Virus (www.inty.net) intY has automatically scanned this email with Sophos Anti-Virus (www.inty.net) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message