I've got an unusal problem with IPF 4.1.16, which I've hinted at in a few recent posts. I've applied the latest patch, which now allows ipnat table to be displayed, which is great, but the problem still exists.
It seems that ipnat is running extremely slow, where IPF is acting as a simple router, and nat'ing private addresses into a single public address. When I say slowly, connections seem to initiate slowly, but when they're running, they run at full speed. For example, a single HTTP download of a large file (100Mb) downloads at full-speed on a 24MBit ADSL connection. It's just that browsing the webpages is really painful; bits of pages load, but then there are severe delays before the rest loads. I noticed when doing this that some non-ftp outbound nat sessions appear to be identified as ftp, and I'm guessing are being filtered through the ftp proxy. That is, since clearing the state/nat tables, I haven't used any FTP sites, but some entries in the nat table are being identified as ftp. -- -- Corey Johnston
