Date: Thu, 7 Feb 2002 10:57:51 -0800 (PST) From: Julian Elischer <julian@elischer.org> To: Tariq Rashid <tariq@inty.net> Cc: freebsd-net@freebsd.org Subject: Re: squeeze more performance out of natd? Message-ID: <Pine.BSF.4.21.0202071055530.91961-100000@InterJet.elischer.org> In-Reply-To: <MPENKFCCIIDAJKJJOLBHAELPCHAA.tariq@inty.net>
next in thread | previous in thread | raw e-mail | index | archive | help
first advise: add more firewall rules so that any packets that YOU KNOW will not be translated will bypass the natd.. i.e. make sure packets fromteh localhost are not sent to natd. What throughput are you trying to NAT? I've never seen it be an issue. On Thu, 7 Feb 2002, Tariq Rashid wrote: > > i've spent a good number of hours RTFMs, trying to make the best of a bad > situtaion: userland natd instead of kernel-space nat. > > the only practical advice i found was to increase the maxusers kernel > option - we're already at 1024 (with plenty of ram to support it). other > advice was to have a streamlined ipfw list and i think mine is. > > the problem is that high network traffic with natd means that the CPU > spends its time doing nat and not paying much attention to anything else. > re-niceing it just means lower thoughput. > > > any advice on squeezing more out of natd? > * natd spawning other natds? > * combinations of command line options? > * more kernel parameter tweaking? > > thanks > > tariq > > > intY has automatically scanned this email with Sophos Anti-Virus (www.inty.net) > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0202071055530.91961-100000>