The FreeBSD Diary

The FreeBSD Diary (TM)

Providing practical examples since 1998

If you buy from Amazon USA, please support us by using this link.
FreeBSD Support
 New Topic  |  Go to Top  |  Go to Topic  |  Search  |  Log In   Newer Topic  |  Older Topic 
 Degraded throughput -- NATD
Author: Ryan 
Date:   27-12-01 00:00

Hello Everyone!

I have a little problem and thought I'd post it to the forum. I have FreeBSD 4.4 running as a dhcp/nat server here at home. I have a MAC and a Win2000 box that goes through the FBSD box for internet access. For some reason, it seems that my throughput has decreased after configuring my FBSD box as my gateway to the net.

I did a "netstat -i" to see it I was having any collisions, and it appears that I wasn't... actually, both interfaces (rl0 and rl1) look rather clean.

I was wondering if anyone has any ideas as to why things seem slower behind the FreeBSD box... I'd be happy to post any output needed to help you guys and gals help me :)

Thanks in advance!

Reply To This Message
 Re: Degraded throughput -- NATD
Author: Daniel Schrock 
Date:   27-12-01 02:22

your performance is going decrease slightly...but here are a couple things you can do to reduce that decrease.

1. lock all of the interfaces -make sure every ethernet interface is set to the correct speed and duplex. The external interface has to be half-duplex and most likely 10Mbps. The internals depend on your network setup. if you have a switch, all internal interfaces should be at 100/full. if you have a hub, all internal interfaces should be at 100/half (or 10/half if you have a really old hub).

if you have a managed switch, such as a cisco, lock those interfaces to the correct speed as well.

auto-detect is shitty and does not work correctly so NEVER use it unless you want degraded performance.

2. buy a switch -see above. a switch is always better than a hub, but they come with a higher price tag... though they are expensive... try to buy a cisco on ebay... they are worth it

3. check for errors as well as collisions with netstat -i -in a hubbed network, collisions will happen periodically, but collisions can fix themselves to some extent (data is retransmitted)... errors are a bigger concern, usually caused by incorrect speed/duplex settings or bad cables...

let us know what you find out.

Reply To This Message
 Re: Degraded throughput -- NATD
Author: Ryan 
Date:   28-12-01 00:50

Thanks Daniel...

I'd like to make a cross-over cable to take the hub out of the picture to see what happens. I ran that netstat -i command, and it says there are no collisions or (input/output) errors. How do you force the speed on an interface in FBSD? I can look it up, but thought I'd cheat and just ask... :) I know it's set for auto-select or something like that. I'm using this 10/100 hub (didn't know that was possible to have a 10/100 hub)... cause I know you can't have a collision in a switch environment, and rl1 (the internal side) shows 100M full-duplex. Well, I'm rambling again.. lol... I'll paste some output here for what it's worth... thanks though for your reply!


inet6 fe80::240:f4ff:fe1f:94e4%rl0 prefixlen 64 scopeid 0x1
inet netmask 0xfffffc00 broadcast
ether 00:40:f4:1f:94:e4
media: Ethernet autoselect (none)
status: active
inet netmask 0xffffff00 broadcast
inet6 fe80::240:f4ff:fe1f:92f3%rl1 prefixlen 64 scopeid 0x2
ether 00:40:f4:1f:92:f3
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active

stonefish#netstat -i
Name Mtu Network Address Ipkts Ierrs Opkts Oerrs Coll
rl0 1500 <Link#1> 00:40:f4:1f:94:e4 323958 0 62900 0 0
rl0 1500 fe80:1::240 fe80:1::240:f4ff: 0 - 0 - -
rl0 1500 mkc-65-26-0-0 mkc-65-26-0-192 24736 - 62879 - -
rl1 1500 <Link#2> 00:40:f4:1f:92:f3 43598 0 54259 0 0
rl1 1500 192.168.27 stonefish 10439 - 13721 - -
rl1 1500 fe80:2::240 fe80:2::240:f4ff: 0 - 0 - -
lp0* 1500 <Link#3> 0 0 0 0 0
faith 1500 <Link#4> 0 0 0 0 0
lo0 16384 <Link#5> 8 0 8 0 0
lo0 16384 localhost ::1 0 - 0 - -
lo0 16384 fe80:5::1 fe80:5::1 0 - 0 - -
lo0 16384 127 localhost 8 - 8 - -
ppp0* 1500 <Link#6> 0 0 0 0 0
sl0* 552 <Link#7> 0 0 0 0 0

Reply To This Message
 Re: Degraded throughput -- NATD
Author: Daniel Schrock 
Date:   28-12-01 02:38

in your rc.conf, you can set the speed and duplex when you assign the address.

ifconfig_rl0="inet netmask media 10baseT mediaopt half-duplex"
ifconfig_rl1="inet netmask media 100baseTX mediaopt half-duplex"

another issue i see (based on your ifconfig output) is the broadcast address of rl0. Make sure you are setting the netmask for your interfaces and that you use the correct netmask. The wrong netmask can cause numerous problems ranging from inadvertant broadcast traffic to complete lack of connectivity.
The broadcast address you are currently using broadcasts to every IP in use....

because you are using a hub, will definitely want to use half-duplex, even if the card auto-detects as full (like i said before... auto-detect doesn't work correctly)
if you switch to a crossover cable between the 2 systems, then switch to full-duplex since the systems will be incapable of collisions.

on a final note and my personal preference, since IPv6 is not in use yet, you can remove it from your kernel to 'clean up' network-related output...unless, of course, you want to experiment with it.

good luck and let me know how it turns out

Reply To This Message
 Forum List  |  Threaded View   Newer Topic  |  Older Topic 

 Forum List  |  Need a Login? Register Here 
 User Login
 User Name:
 Remember my login:
 Forgot Your Password?
Enter your email address or user name below and a new password will be sent to the email address associated with your profile.
How to get the most out of the forum