Date: Thu, 31 Jan 2013 07:03:20 -0800 From: Matthew Luckie <mjl@luckie.org.nz> To: "Eggert, Lars" <lars@netapp.com> Cc: "freebsd-net@freebsd.org" <freebsd-net@freebsd.org> Subject: Re: high cpu usage on natd / dhcpd Message-ID: <510A87B8.7000705@luckie.org.nz> In-Reply-To: <D4D47BCFFE5A004F95D707546AC0D7E91F6B79D2@SACEXCMBX01-PRD.hq.netapp.com> References: <D4D47BCFFE5A004F95D707546AC0D7E91F6B79D2@SACEXCMBX01-PRD.hq.netapp.com>
index | next in thread | previous in thread | raw e-mail
[-- Attachment #1 --] On 01/31/13 00:45, Eggert, Lars wrote: > Hi, > >> I have a small system running FreeBSD 8.2 that does NAT using ipfw and >> natd to systems attached to two interfaces: em0 and wlan0. I have a >> dhcpd daemon issuing leases on those interfaces. The system has an em1 >> interface plugged into a cable modem where it obtains a DHCP lease from >> an ISP. >> >> For some reason, when traffic from the Internet terminates on the system >> itself (I scp a file from the computer) the natd and dhcpd processes >> consume significant CPU, and the throughput is less than I expect. >> Traffic that passes through to a computer behind the NAT flows without >> causing the natd or dhcpd processes to measurably consume CPU. > > I see exactly the same issue on -STABLE. Have you been able to figure out the cause? sudo ipfw list 00501 allow ip from any to any via lo0 00502 allow ip from any to any via em0 00503 allow ip from any to any via wlan0 00504 allow ip from any to any via vr0 00505 allow ip from any to any via gif0 00506 allow ip from any to any via tun0 00510 allow ip from me to not me out via em1 00550 divert 8668 ip from any to any via em1 Rule 510 fixes it. [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (FreeBSD) iEYEARECAAYFAlEKh7wACgkQKyuDKSEQAGCduwCgsVw26i3syBMI1M85VjFNHOUs wmEAn21nX7S/Ox9SlMGOGyLU0RKQ0qTX =BTaf -----END PGP SIGNATURE-----help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?510A87B8.7000705>