Matt Rowley wrote >> I got one step further. tracerout shows that route from inside (A) >> outside (B) is A->F->B with F being my firewall. >> >> But route from B to A goes through the router. I've setup all hosts >> in the subnet in front of the firewall to route their packets through >> the router R that our data center configured for this subnet. >> >> Thus it's B->R->F->A. The same happens for ipv4, no ->R-> when >> sending from A to B, but via R from B to A. While it's fast for >> ipv4, it's slow for ipv6. So I added a route for the internal >> subnet to the routing table of B so that the trace now shows >> B->F->A. And then the copying between A and B is at full speed >> of 112MB/s. > > Hi Frank, > > So, R, B, and F all have legs on a common network segment, right?
Yes! > And B points to R for default gateway? Right. > Does B have routes in its table so that it knows to point to F in > order to reach A? That's what I tried to describe above. By default it doesn't and that's when the traffic slow. When I add such a route, the traffic is fast. I just don't why it's slow without that route for ipv6 only, while ipv4 has no problems routing through R first. Well, maybe... > If not, it is sending packets to R, who is probably returning ICMP > redirects to B. Perhaps B is dropping them? ...sth. like that. As far as I understand, ipv6 tries to dynamically configure better routes while ipv4 doesn't. > A tcpdump on R, B, and F might help show you what's going on. I'm not really familiar with tcpdump, but I will figure out! cu, Frank -- Dipl.-Inform. Frank Steiner Web: http://www.bio.ifi.lmu.de/~steiner/ Lehrstuhl f. Bioinformatik Mail: http://www.bio.ifi.lmu.de/~steiner/m/ LMU, Amalienstr. 17 Phone: +49 89 2180-4049 80333 Muenchen, Germany Fax: +49 89 2180-99-4049 * Rekursion kann man erst verstehen, wenn man Rekursion verstanden hat. *
