Hello,
my configuration is
kernel GENERIC
em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=18b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWCSUM,TSO4>
ether 00:19:d1:0f:1c:18
inet 86.49.14.16 netmask 0xffffff00 broadcast 86.49.14.255
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
and standard "open" ipfw firewall and
natd -u -s -m -d -dynamic -n em0
I experience very slow TCP upload from this host - cca 50kbps.
I have some debug prints in kernel (mostly in ip_output and ipfw log)
and I see:
1/ outgoing packet appears in ip_output with ip_len 2924 and
m->pkthdr.csum_flags=1
2/ is diverted by firewall
3/ Packet appears immediately again in ip_output with ip_len 2924 and
m->pkthdr.csum_flags=1
4/ Packet is accepted by firewall and dropped by ip_output with error 40
EMSGSIZE
5/ After cca 0.4s (tcp retransmit timeout?) new packet appears in
ip_output with ip_len 1488 and m->pkthdr.csum_flags=1
6/ is successfully diverted and accepted by ipfw and sent to wire.
7/ after tcp ack is received new packet appears in ip_output with ip_len
2924 and everything repeats
Packets are not changed by natd, beacause have src address of em0.
nat
Upload has normal speed (512kbps) if
I unset TSO on interface OR set net.inet.tcp.tso=0 OR (strange thing)
delete ipfw divert rule
If necessary I will collect and send more info.
vita
_______________________________________________
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
