From owner-freebsd-net Mon Nov 19 11:20:26 2001 Delivered-To: freebsd-net@freebsd.org Received: from InterJet.elischer.org (c421509-a.pinol1.sfba.home.com [24.7.86.9]) by hub.freebsd.org (Postfix) with ESMTP id 2EE9A37B405 for ; Mon, 19 Nov 2001 11:20:21 -0800 (PST) Received: from localhost (localhost.elischer.org [127.0.0.1]) by InterJet.elischer.org (8.9.1a/8.9.1) with ESMTP id LAA28618; Mon, 19 Nov 2001 11:10:31 -0800 (PST) Date: Mon, 19 Nov 2001 11:10:30 -0800 (PST) From: Julian Elischer To: Brendan Kosowski Cc: FreeBSD Networking Subject: Re: Services very slow on Firewall/nat boxes. In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org If you have IPdivert, does this mean that you have natd running? If so, then probably the initiation of a new session is paging in pages of the natd that were paged out. (and allocating new data structures. On Mon, 19 Nov 2001, Brendan Kosowski wrote: > > I am running natd on a FreeBSD box with IPFIREWALL and IPDIVERT added to > the kernel. Firewall type is open. > > I have noticed that when you run a server (eg. sendmail, named, pop3 etc.) > on the above, initial connection to the service is very slow (ie. between > 5 and 60 seconds ), however once connection has been established data > transfer becomes very fast (as per normal). > > If I disable natd and replace kernel with original, initial connection to > services is very fast. > > This box is on a network with very little traffic. > > I would greatly appreciate any help on speeding up initial connection to > services. > > > Regards, Brendan Kosowski > > ------------------------- > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message