From owner-freebsd-hackers Wed Sep 25 7: 6:53 2002 Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 328B237B401 for ; Wed, 25 Sep 2002 07:06:52 -0700 (PDT) Received: from m5.andara.com (m5-real.eastlink.ca [24.222.0.25]) by mx1.FreeBSD.org (Postfix) with ESMTP id 735A543E75 for ; Wed, 25 Sep 2002 07:06:51 -0700 (PDT) (envelope-from cswanson@pei.eastlink.ca) Received: from win2000 (u128n231.eastlink.ca [24.224.128.231]) by m5.andara.com (8.12.1/8.12.1) with SMTP id g8PE6q9I010130 for ; Wed, 25 Sep 2002 11:06:53 -0300 (ADT) Message-ID: <005a01c2649c$dba0f5f0$0401a8c0@win2000> From: "Cody Swanson" To: Subject: Problems with NATd performance... Date: Wed, 25 Sep 2002 11:07:17 -0300 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Hello all, I just setup a 4.6.2 machine locally on my network at home to replace an aging Linux NAT box I had going. Clients behind the new box can only get 100k/sec downloads while clients behind the old Linux box (running ipchains) get 400k/sec+ downloads off the same cable modem. Locally on the new FreeBSD box I can get 400k/sec downloads with lynx, it just seems as if the NAT is not framing packets right. Also, I have tried downloads from other freeBSD machines, Linux machines and windows2000 machines from inside the network. All max out at around 100k/sec on a download. Again, if I download on the box it self I can see 400k/sec. The machine is a PIII500 with 512mb ram. I have a 3com 3c905 nic for the internal LAN and a D-Link 530TX revA card for the external link to my cable modem. I rebuilt the GENERIC kernel with the following options: options IPFIREWALL options IPDIVERT And I added the following lines to rc.conf (as noted in the handbook) gateway_enable="YES" kern_securelevel_enable="NO" ifconfig_xl0="inet 192.168.1.254 netmask 255.255.255.0" ifconfig_vr0="DHCP" firewall_enable="YES" firewall_type="OPEN" natd_enable="YES" natd_interface="vr0" natd_flags="" Also, here is a copy of an ifconfig of the internal interface: pinky# ifconfig -xl0 xl0: flags=8843 mtu 1500 inet 192.168.1.254 netmask 0xffffff00 broadcast 192.168.1.255 inet6 fe80::260:97ff:fed5:5601%xl0 prefixlen 64 scopeid 0x2 ether 00:60:97:d5:56:01 media: Ethernet autoselect (100baseTX ) status: active At first I thought this was a windows TCP window size issue, but then when my freebsd and Linux boxes showed similar results I concluded it's an issue with my Nat config. Is there anything I can do to increase the throughput? I heard that 3com 3c905's are not the best card going but I have crappy Dlink DE220's in my old gateway and they did far more throughput through an old 486DX4. Any help would be greatly appreciated. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message