Please correct me, but the processes that is spinning out of control:
> USER PID %CPU %MEM SIZE RSS TTY STAT START TIME COMMAND
> nobody 929 99.9 1.9 832 264 ? R May 2 42900:35 in.identd -w -t120
has nothing to do with masqing, does it? Isn't in.identd the TCP/IP IDENT protocol
server which listens for inbound IP activity and directs it to the correct service?
Perhaps I'm missing something, but I thought masqing was a kernel function, not part of
an external process and if in.identd is spinning out of control, wouldn't it make more
sense to try and figure out why? Perhaps a netstat -n to see who/what is generating
the rapid stream of new inbound traffic? Once a TCP or UDP sessions is establish, it
doesn't need in.identd anylonger, correct?
Barry
Audie Pierre wrote:
> There are other things to be considered before IP MASQ like your network topology,
> ethernet interfaces used. I really don't know what you have as far as network
> hardware.
>
> Guy Harper wrote:
>
> > Hello,
> >
> > I seem to be experiencing a performance issue with my IPM box.
> >
> > A general outline follows.....
> >
> > I have about 50 users all talking to a Notes server all day, through 1 IPM box,
> > running Caldera Linux, kernel version 2.0.35. The box is a P100, 16MB RAM, with
> > 2
> > 3com 3c509 nic's. All my users (myself included) experience delays accessing
> > their
> > mail, etc.
> >
> > If I ping 20k to the notes machine through the IPM I get a 80ms round trip, if I
> >
> > ping from the same network I get a 30-40ms round trip.
> >
> > I am about to upgrade to 3com 3c905 PCI cards, so we shall see
> >
> > The machine is not swapping at all, so I discount RAM.....however, inspecting
> > the
> > task list reveals this process:
> >
> > USER PID %CPU %MEM SIZE RSS TTY STAT START TIME COMMAND
> > nobody 929 99.9 1.9 832 264 ? R May 2 42900:35 in.identd -w -t120
> >
> > Ok, so I could use a faster processor, but I will learn nothing if that cures
> > it....this command is initialized in inetd.conf, but I don't know what it is!!
> >
> > This is the IPM script I use at startup....
> >
> > **************************************************************************
> > # IP Masquerade setup for 2.0.x kernels using IPFWADM
> >
> > /sbin/depmod -a
> > /sbin/modprobe ip_masq_ftp
> >
> > #CRITICAL: Enable IP forwarding since it is disabled by default.
> > echo "1" > /proc/sys/net/ipv4/ip_forward
> >
> > # MASQ timeouts
> > #
> > # 2 hrs timeout for TCP session timeouts
> > # 10 sec timeout for traffic after the TCP/IP "FIN" packet is received
> > # 60 sec timeout for UDP traffic (MASQ'ed ICQ users must enable a
> > # 30sec firewall timeout in ICQ itself)
> > #
> > /sbin/ipfwadm -M -s 7200 10 60
> >
> > # Enable IP forwarding and Masquerading
> >
> > ipfwadm -F -p deny
> > ipfwadm -F -a m -S 192.168.1.0/24 -D 0.0.0.0/0
> > ***************************************************************************
> >
> > Perhaps I am missing something?
> >
> > Help!!
> >
> > Thanks,
> >
> > Guy
> >
> > _______________________________________________
> > Masq maillist - [EMAIL PROTECTED]
> > http://tiffany.indyramp.com/mailman/listinfo/masq
> > Admin requests can be handled by web (above) or [EMAIL PROTECTED]
>
> _______________________________________________
> Masq maillist - [EMAIL PROTECTED]
> http://tiffany.indyramp.com/mailman/listinfo/masq
> Admin requests can be handled by web (above) or [EMAIL PROTECTED]
_______________________________________________
Masq maillist - [EMAIL PROTECTED]
http://tiffany.indyramp.com/mailman/listinfo/masq
Admin requests can be handled by web (above) or [EMAIL PROTECTED]
