NAT under performing direct connection by 10x

Atom Powers atom.powers at
Wed Mar 11 15:20:29 UTC 2015

What are you using to implement NAT? ipf? iptables? Are you
reassembling packets or passing them straight through? Are your memory
buffers big enough?

Who is your Internet provider and do you see those same rates for
repeated tests? (Some provider will give you an early burst of speed
and then throttle you back.)

The window size could be significant. What happens if you manually set
the window size to different values?

On Wed, Mar 11, 2015 at 8:10 AM, Malcolm Matalka <mmatalka at> wrote:
> I am setting up my Raspberry Pi Model B+ as a router and am experience
> a throughput bottleneck that I cannot track down.
> I'd like to preface my question with two things:
> - I'm new to this so it is quite possible this is something obvious and
>   I simply lack the knowledge to see it.  If so, sorry for wasting
>   anyones time and thank you very much to whoever points it out to me.
> - It is quite possible that my Raspberry Pi does not have the hardware
>   to support the desired throughput, but I'm having trouble finding
>   evidence to back up that hypothesis.
> The setup I have is:
> Laptop -> (wlan0 - RPi - ue0) -> Router
> I am using a USB dongle with a 'run0' interface running as a hostap.
> The RPi is then connected to a router which is connected to the
> internet.
> I have run the following command in different experiments:
> wget -O /dev/null
> On the RPi: download speed of around 500 KB/s
> On the laptop: download speed of around 80 KB/s
> I have also scp'd a file from the laptop to another computer on the other
> side of the router:
> Laptop -> RPi -> Router -> Computer
> And I have a throughput of around 1 MB/s.  This exercises both network
> interfaces similar to downloading from the internet.
> The only difference I am aware of is that NAT is happening in the
> Internet case.
> I have:
> - Checked CPU, in the NAT case the load average does not break 0.2.  The
>   CPU does not seem stressed.
> - Interrupt %, in top, doesn't go above a peak of 4% in either case.
> - netstat -i and netstat -s do not show any errors happening (that I can
>   see).
> - While I have no idea if it is significant, I have noticed that in the
>   case of a local download (on the RPi), in tcpdump the "win" goes down
>   to around 1000.  In the NAT case it stays at around 4096.
> Currently I am at a loss to explain the bottleneck.  Is there a
> suggested next place to explore to track this down?  As I said, it could
> be that the RPi is not capable of these throughputs, I'm using this as
> an excuse to learn how to investigate a performance bottleneck in
> FreeBSD though so I'm more interested in the meta-discussion of how to
> determine where the problem is.
> Thank you,
> /Malcolm
> _______________________________________________
> freebsd-performance at mailing list
> To unsubscribe, send any mail to "freebsd-performance-unsubscribe at"

Perfection is just a word I use occasionally with mustard.
--Atom Powers--

More information about the freebsd-performance mailing list