Ping to an ip address does not use DNS.
What is response time when you use ping domain name?
It's ~250ms for google.com and other domains (good enough too).
I see you have forced ip address for your nic card connected to the
public internet by using rc.conf statement.
This looks wrong to me.
What's wrong with it? Can u give me other solutions? But anyway, with ipf +
ipnat the internet speed is OK.
Explain in detail how you connection to your ISP and the layout of
your private network.
Our ISP gave us ip and gateway, thats how we connect to internet (over dsl
modem threw lan card).
Some computers are connected in LAN via SWITCH. My router is connected to
that switch too. Lan users have configured their OS, that gateway is
192.168.0.1 (my router's LAN ip address).
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Prodigy
Sent: Wednesday, March 10, 2004 10:18 AM
To: freebsd-questions
Subject: natd + ipfw - very slow internet for LAN users
Hi,
i'm sharing internet to my local area network (LAN) users with my
router. Everything would be fine, but internet is very slow. I
tried to ping my ISP. Ping reply is ~50ms. It means, that internet
for LAN users should be good enough, but it isn't. Ping reply in IRC
is ~15 seconds. Then I try to open some internet pages, there is
very big lag. Something is wrong with nating i think, can u tell me
what? FreeBSD4.9-STABLE ipfw + natd
Kernel configuration:
# ... Some other stuff goes here
options IPFIREWALL
options IPFIREWALL_FORWARD
options IPFIREWALL_VERBOSE
options IPFIREWALL_VERBOSE_LIMIT=10
options IPFIREWALL_DEFAULT_TO_ACCEPT # Firewall is accepting
all packets by default
options IPDIVERT
# ... Some other stuff goes here
rc.conf:
defaultrouter=213.190.42.1 # ISP gateway
hostname=panemune.net
ifconfig_ed0=inet 192.168.0.1 netmask 255.255.255.0 # Network
(LAN) interface
ifconfig_ed1=inet 213.190.42.48 netmask 255.255.255.0 # Internet
(outside) interface
# ... here goes some other stuff, like sshd_enable=YES, etc
gateway_enable=YES
firewall_enable=YES
firewall_script=/usr/local/etc/rc.firewall
firewall_quiet=YES
firewall_logging=YES
natd_enable=YES
natd_interface=ed1
natd_flags=-f /usr/local/etc/natd.conf
# cat /usr/local/etc/natd.conf
same_ports yes
use_sockets yes
unregistered_only yes
# cat /usr/local/etc/rc.firewall
ipfw add 100 divert natd all from any to any via ed1
# ipfw show
00100 469 26801 divert 8668 ip from any to any via ed1
65535 1072 60182 allow ip from any to any
# cat /etc/services | grep natd
natd8668/divert # Network Address Translation
Btw, when I used ipf + ipnat, internet for LAN users was good
enough, but now it's horrible with natd + ipfw.
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to
[EMAIL PROTECTED]
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]