Peter Reo Molnar wrote: > Hello, > > I tried setup NAT with IPFW, compiled my kernel and I found that there > is very slow connection. > After I disabled NAT and IPFW then speed was increased. > > 64-bit FreeBSD 9-CURRENT : > With IPFW: 1.2 MB/sec > Without IPFW: 33 MB/sec > > > my ipfw work with i386 (stable) without speed decreasing: > > fw.test.conf: > -f flush > add 00050 divert 8668 ip4 from any to any via re0 > add 00100 allow ip from any to any via lo0 > add 00200 deny ip from any to 127.0.0.0/8 > add 00300 deny ip from 127.0.0.0/8 to any
This looks like you're using the old style NAT - divert to userland. That has always performed poorly. Perhaps not as poorly as this though. How much CPU is natd consuming? Have you considered using in-kernel NAT? See the 'NETWORK ADDRESS TRANSLATION' section in the ipfw manual. It's worth a try. Ian -- Ian Freislich _______________________________________________ freebsd-current@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"
