Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 26 Jul 2016 11:55:16 +0000
From:      bugzilla-noreply@freebsd.org
To:        freebsd-doc@FreeBSD.org
Subject:   [Bug 211380] Add rule to avoid packets that natd divert doesn't need to see
Message-ID:  <bug-211380-9@https.bugs.freebsd.org/bugzilla/>

next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D211380

            Bug ID: 211380
           Summary: Add rule to avoid packets that natd divert doesn't
                    need to see
           Product: Documentation
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: Documentation
          Assignee: freebsd-doc@FreeBSD.org
          Reporter: ahicks@p-o.co.uk

Created attachment 172993
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D172993&action=
=3Dedit
Patch to add firewall rule to example

natd can have higher utilisation when it sees unnecessary packets.

Adding a rule to send packets out that natd doesn't need to reduces CPU cyc=
les.

For background see
https://lists.freebsd.org/pipermail/freebsd-ipfw/2013-February/005306.html

My testing and implementation reduced ~50% wcpu to < 1%

--=20
You are receiving this mail because:
You are the assignee for the bug.=



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-211380-9>