Date: Thu, 23 Dec 2004 13:50:16 +0000 From: Josh Paetzel <josh@tcbug.org> To: freebsd-stable@freebsd.org Subject: Re: FreeBSD 5.3-STABLE makes terrible router/gateway? Message-ID: <200412231350.16452.josh@tcbug.org> In-Reply-To: <20041223141828.B1788@ganymede.hub.org> References: <20041223141828.B1788@ganymede.hub.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thursday 23 December 2004 18:24, Marc G. Fournier wrote: > Due to limitations in the standard 'linksys/dlink/netgear' routers, > as far as firewalls are concerned, last night I setup one of my > 5.3-STABLE boxes as being the gateway ... unless I've set something > up wrong, 'blows chunks' is what comes to mind :( > > The machine: > > CPU: Intel(R) Pentium(R) 4 CPU 2.00GHz (1995.01-MHz 686-class CPU) > real memory = 536805376 (511 MB) > avail memory = 519823360 (495 MB) > > Two controllers: > > fxp0: <Intel 82550 Pro/100 Ethernet> port 0xd000-0xd03f mem > 0xfa000000-0xfa01ffff,0xfa021000-0xfa021fff irq 19 at device 9.0 on > pci2 miibus0: <MII bus> on fxp0 fxp0: Ethernet address: > 00:02:b3:ee:da:3e > > de0: <Digital 21140A Fast Ethernet> port 0xd100-0xd17f mem > 0xfa020000-0xfa02007f irq 20 at device 11.0 on pci2 de0: > [GIANT-LOCKED] > de0: SMC 9332BDT 21140A [10-100Mb/s] pass 2.0 > de0: enabling 10baseT port > de0: Ethernet address: 00:00:c0:b9:e1:f9 > > Firewall rules are bare minimal: > > # ipfw list > 00050 divert 8668 ip from any to any via de0 > 01000 allow ip from any to any > 65535 deny ip from any to any > > And natd is running with: > > -redirect_port tcp 192.168.1.4:22 22 -n de0 > > I run interactive sessions to my remote/colo servers ... and I can > *see* the difference between the Linksys and the FreeBSD box, as > far as being able to get work done is concerned ... > > My only thought is that its the de controller itself ... when I > tried to compile it into the kernel, vs using it as a module, it > caused the server itself to crash just before it did the PRNG stuff > (just after mounting root) ... loading it as a module works fine > though ... > > is there a problem with the de driver itself, or 5.x, that needs to > be looked into? > > thanks ... > > ---- > Marc G. Fournier Hub.Org Networking Services > (http://www.hub.org) Email: scrappy@hub.org Yahoo!: > yscrappy ICQ: 7615664 Is it possible that there is a 10/100 or duplex mismatch on the NICs? I use a 200mhz Ppro w/ the fxp0 and sis0 drivers to nat/firewall a 3mbps connection so I would think your hardware is sufficient to do the job. -- Thanks, Josh Paetzel
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200412231350.16452.josh>