Jim Bryant wrote:
> Terry Lambert wrote:
> > Kenneth Wayne Culver wrote:
> > > I think I found the reason that my FreeBSD box is performing
> > > so poorly as a NATing router. When I do an ipnat -l to see
> > > what "active connections" are there on the router, a list
> > > about 3 pages long (using ipnat -l | more) appears. I think
> > > maybe it's having trouble because for every packet coming in
> > > and out of the router, it's got to look at that list of
> > > active connections for the right one to send to and from. Is
> > > there any way to make connections that aren't being used go
> > > away from the NAT faster? Thanks a lot.
> >
> > Don't run unnecessary daemons.
> >
> > The pcb lookups are a linear traversal, as well, and for
> > a large number of connections, the calllout wheel for
> > timers sucks.
>
> Is there a way to get similar stats from natd?
I don't know; you could look at the netstat output from
the tun interface it uses, and that would give you some
of the flow information.
In general, FreeBSD doesn't completely track SNMP RFC
mandated statistics; I've helped a local person hack
code out of netstat to do things like reporting of the
number of active connections using UCD SNMP, but it's
not common to find FreeBSD keeping stats that match up
100% with the MIB entries people normally like to see
from the generic MIBs.
-- Terry
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
