From owner-freebsd-current Sat Jan 8 19:59:38 2000 Delivered-To: freebsd-current@freebsd.org Received: from wall.polstra.com (rtrwan160.accessone.com [206.213.115.74]) by hub.freebsd.org (Postfix) with ESMTP id C89B415168 for ; Sat, 8 Jan 2000 19:59:34 -0800 (PST) (envelope-from jdp@polstra.com) Received: from vashon.polstra.com (vashon.polstra.com [206.213.73.13]) by wall.polstra.com (8.9.3/8.9.3) with ESMTP id TAA11083; Sat, 8 Jan 2000 19:59:33 -0800 (PST) (envelope-from jdp@polstra.com) From: John Polstra Received: (from jdp@localhost) by vashon.polstra.com (8.9.3/8.9.1) id TAA63459; Sat, 8 Jan 2000 19:59:32 -0800 (PST) (envelope-from jdp@polstra.com) Date: Sat, 8 Jan 2000 19:59:32 -0800 (PST) Message-Id: <200001090359.TAA63459@vashon.polstra.com> To: death@southcom.com.au Subject: Re: 4.0 slower than 3.4? In-Reply-To: <4.2.2.20000109021927.00dba250@mail.southcom.com.au> References: <4.2.2.20000109021927.00dba250@mail.southcom.com.au> Organization: Polstra & Co., Seattle, WA Cc: current@freebsd.org Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG In article <4.2.2.20000109021927.00dba250@mail.southcom.com.au>, james wrote: > It's interesting though how i had no ipf rules whatsoever, yet it > introduced so much latency, as Alexander has pointed out in another email. > Why is ipf so slow? I was planning on switching from ipfw/natd to > ipf/ipnat, but i don't think i want to now - considering it's so darn slow. If you want to do NAT, I can tell you without even trying it that ipfilter's NAT will be much faster than natd's. With natd, every packet has to go out from the kernel to userland and back to have its headers rewritten. That's a lot of overhead. Not so with ipfilter -- it's all done inside the kernel. John -- John Polstra jdp@polstra.com John D. Polstra & Co., Inc. Seattle, Washington USA "Disappointment is a good sign of basic intelligence." -- Chögyam Trungpa To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message