FreeBSD 5.3-STABLE makes terrible router/gateway?

Josh Paetzel josh at tcbug.org
Thu Dec 23 11:52:40 PST 2004 

On Thursday 23 December 2004 18:24, Marc G. Fournier wrote:
> Due to limitations in the standard 'linksys/dlink/netgear' routers,
> as far as firewalls are concerned, last night I setup one of my
> 5.3-STABLE boxes as being the gateway ... unless I've set something
> up wrong, 'blows chunks' is what comes to mind :(
>
> The machine:
>
> CPU: Intel(R) Pentium(R) 4 CPU 2.00GHz (1995.01-MHz 686-class CPU)
> real memory  = 536805376 (511 MB)
> avail memory = 519823360 (495 MB)
>
> Two controllers:
>
> fxp0: <Intel 82550 Pro/100 Ethernet> port 0xd000-0xd03f mem
> 0xfa000000-0xfa01ffff,0xfa021000-0xfa021fff irq 19 at device 9.0 on
> pci2 miibus0: <MII bus> on fxp0 fxp0: Ethernet address:
> 00:02:b3:ee:da:3e
>
> de0: <Digital 21140A Fast Ethernet> port 0xd100-0xd17f mem
> 0xfa020000-0xfa02007f irq 20 at device 11.0 on pci2 de0:
> [GIANT-LOCKED]
> de0: SMC 9332BDT 21140A [10-100Mb/s] pass 2.0
> de0: enabling 10baseT port
> de0: Ethernet address: 00:00:c0:b9:e1:f9
>
> Firewall rules are bare minimal:
>
> # ipfw list
> 00050 divert 8668 ip from any to any via de0
> 01000 allow ip from any to any
> 65535 deny ip from any to any
>
> And natd is running with:
>
> -redirect_port tcp 192.168.1.4:22 22 -n de0
>
> I run interactive sessions to my remote/colo servers ... and I can
> *see* the difference between the Linksys and the FreeBSD box, as
> far as being able to get work done is concerned ...
>
> My only thought is that its the de controller itself ... when I
> tried to compile it into the kernel, vs using it as a module, it
> caused the server itself to crash just before it did the PRNG stuff
> (just after mounting root) ... loading it as a module works fine
> though ...
>
> is there a problem with the de driver itself, or 5.x, that needs to
> be looked into?
>
> thanks ...
>
> ----
> Marc G. Fournier           Hub.Org Networking Services
> (http://www.hub.org) Email: scrappy at hub.org           Yahoo!:
> yscrappy              ICQ: 7615664

Is it possible that there is a 10/100 or duplex mismatch on the NICs?  
I use a 200mhz Ppro w/ the fxp0 and sis0 drivers to nat/firewall a 
3mbps connection so I would think your hardware is sufficient to do 
the job.
-- 
Thanks,

Josh Paetzel

More information about the freebsd-stable mailing list