NAT performance tweaks
veedee at c7.campus.utcluj.ro
veedee at c7.campus.utcluj.ro
Wed May 7 10:01:58 PDT 2003
On Wed, May 07, 2003 at 10:13:59AM -0500, Eric Anderson wrote:
> veedee at c7.campus.utcluj.ro wrote:
> [..snip..]
> >If you have a large network behind your NAT server, defining LARGE_NAT in
> >src/contrib/ipfilter/ip_nat.h and src/sys/contrib/ipfilter/netinet/ip_nat.h
> >might help. Don't forget to recompile the kernel and ipfilter.
> >
> >Strange enough, I used to have huge pings (up to 80ms in a totally switched
> >gigabit network) after a few hours of utilization before fiddling with
> >LARGE_NAT.
>
> What would you call a "large network"?
according to ip_nat.h...
---
#undef LARGE_NAT /* define this if you're setting up a system to NAT
* LARGE numbers of networks/hosts - i.e. in the
* hundreds or thousands. In such a case, you should
* also change the RDR_SIZE and NAT_SIZE below to more
* appropriate sizes. The figures below were used for
* a setup with 1000-2000 networks to NAT.
*/
---
>
> Is "LARGE_NAT" something that is able to be made into a sysctl tweak
> (and if so, should it be?)?
Would certainly be nice to make it as a sysctl. It's a pain in the ass to
edit it manually everytime I cvsup. :/
> Eric
>
> --
> ------------------------------------------------------------------
> Eric Anderson Systems Administrator Centaur Technology
> Attitudes are contagious, is yours worth catching?
> ------------------------------------------------------------------
>
--
| Radu Bogdan Rusu | Network Administrator @ campus.utcluj.ro |
| cvsup3.ro/www4.ro.freebsd.org maintainer |->5b736c616d215d<-|
| Faculty of Automation & Computer Science @ UTCluj , Romania |
|-------------------------------------------------------------|
More information about the freebsd-performance
mailing list