Subject: Networking oddity between Debian and NetBSD
To: None <>
From: Mason Loring Bliss <>
List: current-users
Date: 11/30/2004 16:14:47
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Hey, all. I've encountered a frustrating oddity that I can't seem to
resolve myself.

One one of my boxes I have Debian Sarge and a 2.6 series Linux kernel. My
firewall/NAT box is running a netbsd-2-0 userland and 2.99.10 kernel. Both
boxes are i386. Both are sitting on a hundred megabit switched LAN.

Traffic between the two is very odd. Small packets seem uninhibited. Large
packets crawl. I've got no more specific metric than this... When I try
to ftp or scp a large file, I get about 7K/second throughput. When I ping
flood, I see good numbers. However, traffic *through* the NetBSD gateway
is not slowed down. I get the maximum available speed there. It's only
when the conversation has both these boxes as endpoints that I see problems.

Another data point: I can get full speed transfers going on the same LAN
between this Debian box and another Debian machine, and between that Debian
machine and my gateway - just not between the Debian machine in question
and the NetBSD gateway. The other Debian box is running a 2.4-series
kernel, FWIW. Also, FWIW, this box does not exhibit this behaviour when
it runs an older kernel. (Running an older kernel full-time is not an
option for various unrelated reasons.)

Yet another data point: Downgrading the NetBSD gateway to a netbsd-2-0
kernel doesn't impact this.

This seems like a TCP window-scaling problem, but turning off the window
scaling options on the Debian box via sysctl or /proc fails to produce

Anyone have any ideas, or suggestions for more detailed diagnostics? I
don't see errors on my interfaces, FWIW, and I've seen this through two
different switches.

Yes, this is largely a Linux question, but I'm asking it here first because
it seems to be a strange interaction specifically with NetBSD. Also, the
fact that conversations between the Debian box and the outside world that
go over NAT and pass through the NetBSD box unhindered seems awfully strange
to me. (Disabling IPF on the NetBSD gateway doesn't help, FWIW.)

Thanks in advance!

Mason Loring Bliss          Ewige Blumenkraft!   awake ? sleep : random() & 2 ? dream : sleep;

Content-Type: application/pgp-signature
Content-Disposition: inline

Version: GnuPG v1.2.4 (NetBSD)