From owner-freebsd-questions Tue Nov 14 15:23:54 2000 Delivered-To: freebsd-questions@freebsd.org Received: from hobbiton.org (thorin.hobbiton.org [216.161.236.98]) by hub.freebsd.org (Postfix) with ESMTP id 5F8F637B4C5 for ; Tue, 14 Nov 2000 15:23:49 -0800 (PST) Received: from localhost (remraf@localhost) by hobbiton.org (8.10.1/8.10.1) with ESMTP id eAENK1821537 for ; Tue, 14 Nov 2000 17:20:03 -0600 (CST) Date: Tue, 14 Nov 2000 17:20:01 -0600 (CST) From: sanjeev singh X-Sender: remraf@thorin To: freebsd-questions@FreeBSD.ORG Subject: natd limiting download speed? Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Hello, I recently set up an ipfw+natd machine (FreeBSD 3.5.1R) for sharing my = cable connection. Unfortunately, natd appears to be limiting the = maximum bandwidth available! Using netperf, I have established that I can get up to just under 4mbps = with natd enabled, and 4.3mbps with it disabled. This might not look = like a big deal, except that in the former case, my CPU is fully loaded = whereas in the latter it's only at 50%! Also, when testing high speed downloads (from netscape.com), I get the = following results: Download speed: ~350+KB/s CPU States: 50-60% system, ~35% interrupt and <10% idle natd takes up 80% of WCPU and CPU My firewall machine is a 486/66 (32MB Ram) with an NE2K and a Dec DE = 201. Are these results in the ballpark or could I have configured = something wrong? If these results are in the ballpark, what can I do to improve the = situation (short of upgrading my firewall machine)? Is there a more = CPU-efficient version of natd available? Should I try ipfilter/ipnat? Regards, Sanjeev Singh To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message