Re: [Masq] IPMasq performance issue

Thu, 3 Jun 1999 13:07:32 -0700 


There are other things to be considered before IP MASQ like your network topology,
ethernet interfaces used. I really don't know what you have as far as network
hardware.

Guy Harper wrote:

> Hello,
>
> I seem to be experiencing a performance issue with my IPM box.
>
> A general outline follows.....
>
> I have about 50 users all talking to a Notes server all day, through 1 IPM box,
> running Caldera Linux, kernel version 2.0.35. The box is a P100, 16MB RAM, with
> 2
> 3com 3c509 nic's. All my users (myself included) experience delays accessing
> their
> mail, etc.
>
> If I ping 20k to the notes machine through the IPM I get a 80ms round trip, if I
>
> ping from the same network I get a 30-40ms round trip.
>
> I am about to upgrade to 3com 3c905 PCI cards, so we shall see
>
> The machine is not swapping at all, so I discount RAM.....however, inspecting
> the
> task list reveals this process:
>
> USER       PID %CPU %MEM  SIZE   RSS TTY STAT START   TIME COMMAND
> nobody     929 99.9  1.9   832   264  ?  R   May  2 42900:35 in.identd -w -t120
>
> Ok, so I could use a faster processor, but I will learn nothing if that cures
> it....this command is initialized in inetd.conf, but I don't know what it is!!
>
> This is the IPM script I use at startup....
>
> **************************************************************************
> # IP Masquerade setup for 2.0.x kernels using IPFWADM
>
> /sbin/depmod -a
> /sbin/modprobe ip_masq_ftp
>
> #CRITICAL:  Enable IP forwarding since it is disabled by default.
> echo "1" > /proc/sys/net/ipv4/ip_forward
>
> # MASQ timeouts
> #
> #   2 hrs timeout for TCP session timeouts
> #  10 sec timeout for traffic after the TCP/IP "FIN" packet is received
> #  60 sec timeout for UDP traffic (MASQ'ed ICQ users must enable a
> # 30sec firewall timeout in ICQ itself)
> #
> /sbin/ipfwadm -M -s 7200 10 60
>
> # Enable IP forwarding and Masquerading
>
> ipfwadm -F -p deny
> ipfwadm -F -a m -S 192.168.1.0/24 -D 0.0.0.0/0
> ***************************************************************************
>
> Perhaps I am missing something?
>
> Help!!
>
> Thanks,
>
> Guy
>
> _______________________________________________
> Masq maillist  -  [EMAIL PROTECTED]
> http://tiffany.indyramp.com/mailman/listinfo/masq
> Admin requests can be handled by web (above) or [EMAIL PROTECTED]



_______________________________________________
Masq maillist  -  [EMAIL PROTECTED]
http://tiffany.indyramp.com/mailman/listinfo/masq
Admin requests can be handled by web (above) or [EMAIL PROTECTED]

Reply via email to