Subject: Re: ipfiltering problems
To: Dan Radom <email@example.com>
From: David Maxwell <firstname.lastname@example.org>
Date: 01/01/2001 15:33:10
You might try
sysctl -w net.inet.tcp.rfc1323 = 0
There was a thread with someone in the opposite setup who found Linux
didn't do 1323 well.
On Sat, Dec 30, 2000 at 12:47:29PM -0700, Dan Radom wrote:
> I've narrowed down the problem to 2 particular clients on my LAN. The BSD
> box does http fine, as well as my wife's NT workstation. The two clients
> that have trouble with http are both Linux boxes. My previous setup
> included one of those Linux boxes performing NAT and routing with ipchains
> and ipmasqadm and everything works fine. I see nothing wrong with any of
> the Linux machines network configuration.
> ----- Original Message -----
> From: "David Maxwell" <email@example.com>
> To: "Dan Radom" <firstname.lastname@example.org>
> Cc: "netbsd-users" <email@example.com>
> Sent: Saturday, December 30, 2000 11:11 AM
> Subject: Re: ipfiltering problems
> > On Fri, Dec 29, 2000 at 09:55:29PM -0700, Dan Radom wrote:
> > > I'm having a little trouble with ipfiltering. The nat box is i386
> > > 1.5, and ex0 is external and le0 is internal. Here are my ipf.conf and
> > > ipnat.conf files. There's not too much to them...
> > >
> > > [graffix@pluto graffix]$ cat /etc/ipnat.conf
> > > map ex0 192.168.0.0/24 -> 188.8.131.52/32 proxy port ftp ftp/tcp
> > > map ex0 192.168.0.0/24 -> 184.108.40.206/32 portmap tcp/udp 30000:60000
> > > map ex0 192.168.0.0/24 -> 220.127.116.11/32
> > >
> > > [graffix@pluto graffix]$ cat /etc/ipf.conf
> > > pass in all
> > > pass out all
> > >
> > > My problem is this. Everything works fine with the exception of http
> > > traffic. It will stall, timeout or run very slowly (1 or 2 K/sec or
> > > slower). I get an average of about 200 K/sec generally.
> > That config looks completely normal. Have you ever run tests from the
> > box, or from another client without intervening NAT?
> > Maybe your provider has imposed a transparent http proxy on you?
> > --
> > David Maxwell, firstname.lastname@example.orgemail@example.com --> Although some of you
> > there might find a microwave oven controlled by a Unix system an
> > idea, controlling a microwave oven is easily accomplished with the
> > of microcontrollers. - Russ Hersch - (Microcontroller primer and FAQ)
David Maxwell, firstname.lastname@example.orgemail@example.com -->
If you don't spend energy getting what you want,
You'll have to spend it dealing with what you get.