Subject: NAT, PPPoE 3-NIC router
To: None <port-i386@NetBSD.org>
From: None <hiroshi-n@iname.com>
List: port-i386
Date: 11/20/2003 21:05:34
I am wondering if this is the right place to post this kind of question.

I recently set up NetBSD i386 1.6.1 as a router and DNS. My system is 
as follows:

NIC-0 : PPPoE ( ex0 )
NIC-1 : fixed global address (x.x.x.x/28) ( fxp0 )
NIC-2 : gateway to private (192.168.1.0/24) ( tlp0 )

CPU AMD Duron 900MHz, RAM 128MB, VIA KM-266

My ISP gives me 16 global IPs and I set up configuration files as :

/etc/rc.conf
ipfilter=YES
ipnat=YES
ipwatched=YES

/etc/sysctl.conf
net.inet.ip.forwarding=1
net.inet.tcp.mss_ifmtu=1

/etc/ipnat.conf
map pppoe0 192.168.1.0/24 -> 0/32 proxy port ftp ftp/tcp mssclamp 1412
map pppoe0 192.168.1.0/24 -> 0/32 portmap tcp/udp 40000:60000 mssclamp 1412
map pppoe0 192.168.1.0/24 -> 0/32 mssclamp 1412

map pppoe0 x.x.x.x/28 -> 0/0 mssclamp 1412

/etc/ipf.conf
pass in from any to any
pass out from any to any

/etc/ifconfig.fxp0
inet x.x.x.x/28

/etc/ifconfig.tlp0
inet 192.168.1.254/24

/etc/ifconfig.pppoe0, /etc/ppp/if-up, /etc/ppp/if-down, ..
...

PPPoE works and the global IPs can be accessed from outside with no problem.
As long as a few clients access Internet via tlp0, it works fine.

However, when more users (10) start using NAT, NetBSD becomes slow 
and hangs within a short period of time ( in a few hours ). Log files are 
not consistent either. Sometimes it says "arpresolve: cannot allocate 
llinfo on tlp0", or "panic: malloc: out of space in kmem_map", etc.

Is there any limitation about the number of NAT clients?
Or I might be doing something completely wrong..

If there is anyone doing 3-NIC routing with NAT, PPPoE and global 
IP, I would like to hear any kind of advice.
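As an added example (not part of the original mail or of NetBSD), here is a small checker for ipnat map rules like the ones above: it parses each rule, verifies that mssclamp does not exceed what a PPPoE MTU of 1492 allows (1452), sanity-checks portmap ranges, and flags a proxy rule placed after a generic map for the same source network. It assumes ipnat applies the first matching map rule, and the x.x.x.x/28 prefix is replaced by the documentation range 203.0.113.0/28 so the sample parses.

```python
import ipaddress
import re

# Constructed copy of the ipnat.conf rules from the post; the real x.x.x.x
# global prefix is replaced by an RFC 5737 documentation prefix.
IPNAT_CONF = """\
map pppoe0 192.168.1.0/24 -> 0/32 proxy port ftp ftp/tcp mssclamp 1412
map pppoe0 192.168.1.0/24 -> 0/32 portmap tcp/udp 40000:60000 mssclamp 1412
map pppoe0 192.168.1.0/24 -> 0/32 mssclamp 1412
map pppoe0 203.0.113.0/28 -> 0/0 mssclamp 1412
"""

PPPOE_MTU = 1492  # 1500 minus the 8-byte PPPoE/PPP encapsulation

RULE_RE = re.compile(
    r"^map\s+(?P<ifname>\S+)\s+(?P<src>\S+)\s+->\s+(?P<dst>\S+)(?P<opts>.*)$")

def parse_rules(text):
    """Parse 'map' rules into dicts; raises on a line it does not understand."""
    rules = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        m = RULE_RE.match(line)
        if not m:
            raise ValueError("unrecognised ipnat rule: " + line)
        opts = m.group("opts")
        pm = re.search(r"portmap\s+\S+\s+(\d+):(\d+)", opts)
        mss = re.search(r"mssclamp\s+(\d+)", opts)
        rules.append({
            "ifname": m.group("ifname"),
            "src": ipaddress.ip_network(m.group("src")),
            "dst": m.group("dst"),
            "proxy": "proxy" in opts,
            "portmap": (int(pm.group(1)), int(pm.group(2))) if pm else None,
            "mssclamp": int(mss.group(1)) if mss else None,
        })
    return rules

def check_rules(rules, mtu=PPPOE_MTU):
    """Return a list of findings; an empty list means nothing to complain about."""
    findings = []
    max_mss = mtu - 40          # IPv4 + TCP header without options
    seen_generic = set()        # (ifname, src) of non-proxy rules seen so far
    for i, r in enumerate(rules):
        if r["mssclamp"] is not None and r["mssclamp"] > max_mss:
            findings.append(f"rule {i}: mssclamp {r['mssclamp']} exceeds {max_mss} for MTU {mtu}")
        if r["portmap"] and not (1 <= r["portmap"][0] <= r["portmap"][1] <= 65535):
            findings.append(f"rule {i}: bad portmap range {r['portmap']}")
        key = (r["ifname"], r["src"])
        if r["proxy"] and key in seen_generic:   # assumes first-match semantics
            findings.append(f"rule {i}: proxy rule shadowed by earlier generic map for {r['src']}")
        if not r["proxy"]:
            seen_generic.add(key)
    return findings
```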