From owner-freebsd-stable  Mon Jan 29  9:22:11 2001
Delivered-To: freebsd-stable@freebsd.org
Received: from smtp1.sentex.ca (smtp1.sentex.ca [199.212.134.4])
	by hub.freebsd.org (Postfix) with ESMTP id 15C3C37B698
	for <freebsd-stable@FreeBSD.ORG>; Mon, 29 Jan 2001 09:21:49 -0800 (PST)
Received: from simoeon.sentex.net (simeon.sentex.ca [209.112.4.47])
	by smtp1.sentex.ca (8.11.2/8.11.1) with ESMTP id f0THLag04626;
	Mon, 29 Jan 2001 12:21:36 -0500 (EST)
	(envelope-from mike@sentex.net)
Message-Id: <5.0.1.4.0.20010129121235.037a5ec0@marble.sentex.ca>
X-Sender: mdtpop@marble.sentex.ca
X-Mailer: QUALCOMM Windows Eudora Version 5.0.1
Date: Mon, 29 Jan 2001 12:15:25 -0500
To: David Wolfskill <dhw@whistle.com>, freebsd-stable@FreeBSD.ORG
From: Mike Tancsa <mike@sentex.net>
Subject: Re: ipnat vs natd and ipf vs ipfw (fwd)
In-Reply-To: <200101291716.f0THGu584049@pau-amma.whistle.com>
References: <4.2.2.20010127225302.01e75660@marble.sentex.net>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
Sender: owner-freebsd-stable@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

At 09:16 AM 1/29/01 -0800, David Wolfskill wrote:
> >Date: Sat, 27 Jan 2001 22:54:20 -0500
> >From: Mike Tancsa <mike@sentex.net>
>
> >At 07:20 PM 1/27/2001 -0500, Espen Oyslebo wrote:
> >>Currently, I have ipfw and natd doing their job fairly well. Is there any
> >>point in switching (yeah,yeah, don't fix it if it ain't broken).
>
> >Actually, I have found ipnat to be *much* faster for my home DSL
> >connection.  My gateway is a lowly Pentium 133 and I can only get full rate
> >net throughput use ipnat. natd is about 33% slower than ipnat for my setup
> >on PPPoE.
>
>Curious.  My home firewall is (still) running FreeBSD 3.2-R; and it's a
>P-120 with 16 MB memory... yet I was able to FTP a good-sized (>1 MB)
>file from ftp.freebsd.org at >150 FB/s.  And I'm using ipfw & natd.

Perhaps it was due to some interaction with natd and PPPoE. Not sure.  From 
the machine itself, I could get full rate throughput on all applications. 
It was only from the machines behind the FreeBSD box where I would notice a 
significant speed drop when using NAT.  Going through squid, or even socks5 
was/is quick-- only with nat would I see the speed drop (e.g. downloading 
binary attachments from my news server).  But as soon as I switched to 
ipnat, the speed was at expected levels from all my home workstations on 
all services.

         ---Mike



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message