Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 04 Dec 1999 14:47:08 -0800
From:      "Ronald F. Guilmette" <rfg@monkeys.com>
To:        Brian Dean <brdean@unx.sas.com>
Cc:        freebsd-hackers@FreeBSD.ORG
Subject:   Re: natd is jumpy 
Message-ID:  <17505.944347628@monkeys.com>
In-Reply-To: Your message of Fri, 03 Dec 1999 18:59:40 -0500. <199912032359.SAA58078@dean.pc.sas.com> 

next in thread | previous in thread | raw e-mail | index | archive | help

In message <199912032359.SAA58078@dean.pc.sas.com>, you wrote:

>Hi,
>
>I posted this on -questions about five days ago and haven't received
>any hints or suggestions.  Does anyone here have any ideas?
>
>I use natd and a 56k phone connection to my ISP so that all my
>computers can share one line.
>
>This all works fine, but I experience very noticeable jumpiness when
>typing over a telnet connection to a remote system.  Delays of 7-10
>seconds between typing characters and them appearing on my screen are
>not uncommon.  If I rebuild my kernel without IPFIREWALL and IPDIVERT,
>and disable natd and the firewall code, these delays go away so I am
>assuming that it is natd/firewall/divert that is responsible for this
>delay.

I think that is a bad assumption.

I'm running FreeBSD 3.3 with IPFIREWALL, IPDIVERT, and natd also over a
56k modem, and I _never_ have seen the kind of slow echo effect you
are speaking of, except on very rare occasions when _somebody_ between
me and whichever machine I'm talking to happens to be dropping a lot of
packets.  And obviously, in those cases, it ain't the fault of my FreeBSD
box.

>Is there a parameter or anything that I can tune to eliminate or
>reduce this affect?

Maybe change your ISP (?)

But seriously, next time it happens, try doing some pings to the remote
system that you are telnetting to.  Look for dropped packets.  Doing a
couple of traceroutes to the remote system from your location might pro-
vide some useful info also.

>I am running FreeBSD -current as of 11/21 and my firewall is set up as
>"open".

That just means that you have minimal filtering rules in place.

I have a *lot* of filtering rules in place on my system, but the kernel-
level divert and firewall stuff still seems to run like a bat outta hell.
At least that's my general impression.  I really didn't notice any response
degradation whatsoever when I when from an old kernel that was built
without IPFIREWALL and IPDIVERT to a new one that was built with these
things enabled.



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?17505.944347628>