From: Luigi Rizzo
To: Peter Brezny
Cc: Joost Bekkers, freebsd-net@FreeBSD.ORG
Date: Mon, 1 Apr 2002 12:19:16 -0800
Subject: Re: NATD theoretical max and tuning question
Message-ID: <20020401121916.B76235@iguana.icir.org>
References: <20020401012912.B69717@iguana.icir.org>

On Mon, Apr 01, 2002 at 11:00:20AM -0500, Peter Brezny wrote:
>
> Thank everyone for the background.
>
> So as far as load on natd is concerned, which is better:

no idea. As long as you keep the public ip of the NAT host itself
distinct from the public IP of the natted hosts, there should be
any difference (the former distinction is to avoid passing to natd
traffic that has no need to be handled by the daemon).

cheers
luigi

> All private networks translated through one public ip address (about 5 class
> c networks total)
>
> or
>
> A separate public ip for each private network to be translated through.
>
> Thanks again for your help.
>
> Peter Brezny
> Skyrunner.net
>
>
>
> -----Original Message-----
> From: Luigi Rizzo [mailto:rizzo@icir.org]
> Sent: Monday, April 01, 2002 4:29 AM
> To: Joost Bekkers
> Cc: Peter Brezny; freebsd-net@FreeBSD.ORG
> Subject: Re: NATD theoretical max and tuning question
>
>
> Actually, following other reports on natd performance trashing under
> load and with time, I am under the impression that the library used
> by natd (libalias ?) might use some heavyweight data structure
> (such as linear lists, or hash tables which saturate too early)
> to lookup sessions.
>
> The bug mentioned below is only partly related -- yes it prevents
> natd from doing busy-waiting on an interface, but that is only
> part of the story.
>
> cheers
> luigi
>
> On Mon, Apr 01, 2002 at 11:04:59AM +0200, Joost Bekkers wrote:
> > On Sun, Mar 31, 2002 at 08:06:16PM -0500, Peter Brezny wrote:
> > > I've got a system acting as a router for about 1000 users behind various
> > > private networks who are currently all routed through a pII 400 with 512M
> > > ram.
> > >
> > > Currently all of these private networks are translated through one public
> > > IP.
> > >
> > > Frequently the natd process will use more than 50% of the cpu.
> > >
> >
> > This is due to a bug in natd which was fixed in 4.5-STABLE
> >
> > http://docs.freebsd.org/cgi/getmsg.cgi?fetch=2878659+0+archive/2002/freebsd-questions/20020324.freebsd-questions
> >
> > I personally noticed the same thing, but it stopped after I
> > upgraded natd
> >
> > Greetz Joost
> > joost@jodocus.org
> >
> > To Unsubscribe: send mail to majordomo@FreeBSD.org
> > with "unsubscribe freebsd-net" in the body of the message