From owner-freebsd-questions  Sun Sep 23  8:50:30 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from slacknet.slacknet.com (slacknet.slacknet.com [204.228.135.180])
	by hub.freebsd.org (Postfix) with ESMTP id 8E5E837B434
	for <freebsd-questions@freebsd.org>; Sun, 23 Sep 2001 08:50:25 -0700 (PDT)
Received: from rj45 (helo=localhost)
	by slacknet.slacknet.com with local-esmtp (Exim 3.12 #1 (Debian))
	id 15lBWT-0000ft-00
	for <freebsd-questions@freebsd.org>; Sun, 23 Sep 2001 09:50:25 -0600
Date: Sun, 23 Sep 2001 09:50:25 -0600 (MDT)
From: RJ45 <rj45@slacknet.com>
To: freebsd-questions@freebsd.org
Subject: STRANGE delay using NAT
Message-ID: <Pine.LNX.4.21.0109230942430.2545-100000@slacknet.slacknet.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG



Hello,
it hapens to me a curious thing and I would like to have your comments and
suggestions about it.

I have 2 machines. One is the NAT gateway and he other is te client on a
hiddent network.

hosta is te gateway with IP Address x.y.z.w
hostb is the client with IP Address 10.0.0.1

hosta has also an alias IP Address x.y.z.v on the outer (dc0) interface on
the inner interface (fxp0)  (NIC) it has 10.0.0.254

here is my nat rules on hosta:

map dc0 10.0.0.0/24 -> x.y.z.w/32 portmap tcp/udp 10000:20000
map dc0 10.0.0.0/24 -> x.y.z.w/32
rdr dc0 x.y.z.v/32 port 22 -> 10.0.0.1 port 22 tcp

so that in this way I Can make a   ssh x.y.z.v and I will be automatically
redirected to 10.0.0.1 on the hidden network.
IT works but here is the big problem.

when I ssh x.y.z.v it takes around 3 minutes before prompting me for the
password. If I Instead ssh x.y.z.w (the gateway) and then ssh 10.0.0.1
it takes around 5 seconds.
How come the response time with NAT is soooo damn slow ??
IS there a way to fix the problem ??
The problem is only in te first ssh authentication step, when SSH
communication is established the connection looks fast.

thanks

Rick



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message