Problems with NAT after updating from 1.6 kernel to 4.0

To: netbsd-help%netbsd.org@localhost
Subject: Problems with NAT after updating from 1.6 kernel to 4.0
From: Jesse Off <joff%embeddedARM.com@localhost>
Date: Wed, 20 Feb 2008 17:06:50 -0700

I have been using IPNat for approximately 5 years unmodified. Updatingto new x86 hardware and the new 4.0 GENERIC kernel (but keeping mostlythe same userspace), my ipnat gateway now has a very annoying 3 seconddelay added to the establishment of every outgoing TCP connection.

I've traced the 3 second delay with tcpdump and found the culprit: thefirst packet on a newly established TCP connection is always dropped(after the 3 way handshake). It is received okay on the first interfacebut never transmitted to the second interface. 3 seconds seems to bethe retransmit timeout on my Windows PC on the firewalled side. Afterthat first packet drop and 3 second retransmit delay, the rest of theTCP session is fine.

Anybody have any ideas? The 2 ethernet devices are sip0 and bge0 andthis is my ipnat.conf:

map sip0 from 192.168.0.0/16 ! to 192.168.0.0/16 -> 67.40.67.44/32 proxyport ftp ftp/tcpmap sip0 from 192.168.0.0/16 ! to 192.168.0.0/16 -> 67.40.67.44/32portmap tcp/udp 40000:60000

map sip0 from 192.168.0.0/16 ! to 192.168.0.0/16 -> 67.40.67.44/32



//Jesse Off

Prev by Date: NetBSD 3.1, PAM and imap-uw
Next by Date: 10 second delay in login
Previous by Thread: NetBSD 3.1, PAM and imap-uw
Next by Thread: 10 second delay in login
Indexes:

Home | Main Index | Thread Index | Old Index