From owner-freebsd-security Fri Jun 30 5:59: 1 2000 Delivered-To: freebsd-security@freebsd.org Received: from blackhelicopters.org (geburah.blackhelicopters.org [209.69.178.18]) by hub.freebsd.org (Postfix) with ESMTP id F0A9737B5D2 for ; Fri, 30 Jun 2000 05:58:57 -0700 (PDT) (envelope-from mwlucas@blackhelicopters.org) Received: (from mwlucas@localhost) by blackhelicopters.org (8.9.3/8.9.3) id IAA20130 for freebsd-security@freebsd.org; Fri, 30 Jun 2000 08:58:56 -0400 (EDT) (envelope-from mwlucas) From: Michael Lucas Message-Id: <200006301258.IAA20130@blackhelicopters.org> Subject: Re: ipfilter & pptp & freebsd In-Reply-To: from Mike Nowlin at "Jun 29, 2000 4:49:29 pm" To: freebsd-security@freebsd.org Date: Fri, 30 Jun 2000 08:58:56 -0400 (EDT) X-Mailer: ELM [version 2.4ME+ PL43 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org (I'm answering this one message and copying the list, rather than copying the list on *all* the replies.) An interface mismatch doesn't appear to be the problem; other transfers go lickety-split. I can download huge files without difficulty. It doesn't appear to be packet loss. netstat -i doesn't show anything unusual. I've pulled all the firewall rules, leaving only a "pass any to any" and the NAT. No better. Also, I've tried a bimap. No change. One other thing: according to the little PPTP box on Windows (for what it's worth), the speed starts off quick. It just slows down gradually, until it reaches a dead crawl. The firewall packet log seems to agree, although I haven't done a detailed line-by-line analysis to see how many packets pass at any given second. Might ipfw/natd work better? Anyone have any other ideas? ==ml > Speed issues like this can be caused by half/full duplex mismatching on > the ethernet interfaces. I had one the other day that had been running > for several months (with occasional reboots without any problems), and > then after the last reboot, the auto-negotiation failed between the switch > and the fxp card -- the switch was running 100-half, and the fxp card was > running 100-full... Result? Estimated 27 hours to transfer a 1.3gig > file. Rebooted & forced the parameters on both switch & fxp to 100-full, > and the transfer took no time at all. > > You may want to try doing some large transfers between the FBSD<->Windows > box and FBSD<->OutsideWorld to see what happens. If this is your problem, > one or both of these will be cripplingly slow. > > mike > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message