[afnog] IPfw + natd
Mark Tinka
mtinka at africaonline.co.zw
Thu Dec 1 19:51:52 EAT 2005
On Thursday 01 December 2005 18:08, Phil Regnauld wrote:
> > I'm testing IPfw + natd on FreeBSD 6.0 for Sparc/64.
> > For the most part, it's working, but I can't help
> > feeling like it's a tad sluggish - bumping
> > connections a few times.
>
> To add to Brian's questions -- what traffic are you
> running through it ? (capacity).
Not much, just a single test client - still testing
mostly, so not more than 128Kbps at a single time. Though
when ready for racking, it will push a peak of ~10-15Mbps
minimum.
> On heavy loads it
> helps to go into polling mode so that context switches
> to userland...
I see.
> (as you point out natd runs -- for the
> moment -- in userland, it will be possible in 7.0,
> maybe 6.x to do in-kernel NAT) get a chance to be
> schedules fairly.
Was thinking the exact same thing.
>
> > Because IPfw + natd run in userland, could it be
> > slower because it's not processed in the kernel?
> > Anyone else experience anything like this?
>
> Possibly, on very heavy loads.
Load still too shy to talk about - will continue to focus
on Cisco PA-FE or by-pass it altogether.
Cheers,
Mark.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 827 bytes
Desc: not available
Url : http://listserv2.cfi.co.ug/pipermail/afnog/attachments/20051201/1a0a0ec7/attachment.bin
More information about the afnog
mailing list