From owner-freebsd-questions Thu Nov 16 6:47:45 2000 Delivered-To: freebsd-questions@freebsd.org Received: from femail2.sdc1.sfba.home.com (femail2.sdc1.sfba.home.com [24.0.95.82]) by hub.freebsd.org (Postfix) with ESMTP id C5F7037B4CF for ; Thu, 16 Nov 2000 06:47:40 -0800 (PST) Received: from cx443070b ([24.0.36.170]) by femail2.sdc1.sfba.home.com (InterMail vM.4.01.03.00 201-229-121) with SMTP id <20001116144728.XKXZ19780.femail2.sdc1.sfba.home.com@cx443070b>; Thu, 16 Nov 2000 06:47:28 -0800 Message-ID: <00b701c04fdc$7b1afea0$aa240018@cx443070b> From: "Jeremiah Gowdy" To: "sanjeev singh" , References: Subject: Re: natd limiting download speed? Date: Thu, 16 Nov 2000 06:49:54 -0800 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4133.2400 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG ----- Original Message ----- From: "sanjeev singh" To: Sent: Tuesday, November 14, 2000 3:20 PM Subject: natd limiting download speed? > > Hello, > > I recently set up an ipfw+natd machine (FreeBSD 3.5.1R) for sharing my = > cable connection. Unfortunately, natd appears to be limiting the = > maximum bandwidth available! > > Using netperf, I have established that I can get up to just under 4mbps = > with natd enabled, and 4.3mbps with it disabled. This might not look = > like a big deal, except that in the former case, my CPU is fully loaded = > whereas in the latter it's only at 50%! > > Also, when testing high speed downloads (from netscape.com), I get the = > following results: > Download speed: ~350+KB/s > CPU States: 50-60% system, ~35% interrupt and <10% idle > natd takes up 80% of WCPU and CPU > > My firewall machine is a 486/66 (32MB Ram) with an NE2K and a Dec DE = > 201. Are these results in the ballpark or could I have configured = > something wrong? Using a 486 66 with 32megs I can't see what the problem is. Of course you're going to lose speed to such a slow computer. May I suggest you order a newer computer, even something as simple as an AMD K6-2 500mhz with motherboard can be purchased from PriceWatch.com for $109. If you're using anything less than a Pentium Pro or K6, I would expect lag on your NAT. > If these results are in the ballpark, what can I do to improve the = > situation (short of upgrading my firewall machine)? Beyond upgrading your machine, I can't see how you can improve the situation. This is the physical limitation of the memory bandwidth and processing speed of a 486 CPU. It simply can't pass more than what it can pass. It has nothing to do with the NAT translation software or firewall. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message