350 lines
7.5 KiB
HTML
350 lines
7.5 KiB
HTML
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
|
|||
|
<HTML
|
|||
|
><HEAD
|
|||
|
><TITLE
|
|||
|
>( Performance ) - IP Masquerading seems slow</TITLE
|
|||
|
><META
|
|||
|
NAME="GENERATOR"
|
|||
|
CONTENT="Modular DocBook HTML Stylesheet Version 1.7"><LINK
|
|||
|
REL="HOME"
|
|||
|
TITLE="Linux IP Masquerade HOWTO"
|
|||
|
HREF="index.html"><LINK
|
|||
|
REL="UP"
|
|||
|
TITLE="Frequently Asked Questions"
|
|||
|
HREF="faq.html"><LINK
|
|||
|
REL="PREVIOUS"
|
|||
|
TITLE="( FTP ) - MASQed FTP clients don't work. "
|
|||
|
HREF="masqed-ftp.html"><LINK
|
|||
|
REL="NEXT"
|
|||
|
TITLE="( PORTFW ) - IP Masquerading with PORTFWing seems to break when my line
|
|||
|
is idle for long periods"
|
|||
|
HREF="portfw-issues.html"></HEAD
|
|||
|
><BODY
|
|||
|
CLASS="SECT1"
|
|||
|
BGCOLOR="#FFFFFF"
|
|||
|
TEXT="#000000"
|
|||
|
LINK="#0000FF"
|
|||
|
VLINK="#840084"
|
|||
|
ALINK="#0000FF"
|
|||
|
><DIV
|
|||
|
CLASS="NAVHEADER"
|
|||
|
><TABLE
|
|||
|
SUMMARY="Header navigation table"
|
|||
|
WIDTH="100%"
|
|||
|
BORDER="0"
|
|||
|
CELLPADDING="0"
|
|||
|
CELLSPACING="0"
|
|||
|
><TR
|
|||
|
><TH
|
|||
|
COLSPAN="3"
|
|||
|
ALIGN="center"
|
|||
|
>Linux IP Masquerade HOWTO</TH
|
|||
|
></TR
|
|||
|
><TR
|
|||
|
><TD
|
|||
|
WIDTH="10%"
|
|||
|
ALIGN="left"
|
|||
|
VALIGN="bottom"
|
|||
|
><A
|
|||
|
HREF="masqed-ftp.html"
|
|||
|
ACCESSKEY="P"
|
|||
|
>Prev</A
|
|||
|
></TD
|
|||
|
><TD
|
|||
|
WIDTH="80%"
|
|||
|
ALIGN="center"
|
|||
|
VALIGN="bottom"
|
|||
|
>Chapter 7. Frequently Asked Questions</TD
|
|||
|
><TD
|
|||
|
WIDTH="10%"
|
|||
|
ALIGN="right"
|
|||
|
VALIGN="bottom"
|
|||
|
><A
|
|||
|
HREF="portfw-issues.html"
|
|||
|
ACCESSKEY="N"
|
|||
|
>Next</A
|
|||
|
></TD
|
|||
|
></TR
|
|||
|
></TABLE
|
|||
|
><HR
|
|||
|
ALIGN="LEFT"
|
|||
|
WIDTH="100%"></DIV
|
|||
|
><DIV
|
|||
|
CLASS="SECT1"
|
|||
|
><H1
|
|||
|
CLASS="SECT1"
|
|||
|
><A
|
|||
|
NAME="MASQ-PERFORMACE"
|
|||
|
></A
|
|||
|
>7.17. ( Performance ) - IP Masquerading seems slow</H1
|
|||
|
><P
|
|||
|
>There might be a few reasons for this:
|
|||
|
|
|||
|
<P
|
|||
|
></P
|
|||
|
><UL
|
|||
|
><LI
|
|||
|
><P
|
|||
|
>You might be unrealistic about how much available bandwidth is on your modem
|
|||
|
line. Lets do the math for a typical 56k modem connection:</P
|
|||
|
><P
|
|||
|
><P
|
|||
|
></P
|
|||
|
><OL
|
|||
|
TYPE="1"
|
|||
|
><LI
|
|||
|
><P
|
|||
|
>56k modems = 56,000 bits per second.</P
|
|||
|
></LI
|
|||
|
><LI
|
|||
|
><P
|
|||
|
>You really DON'T have a 56k modem but a 52k modem per US FCC limitations.</P
|
|||
|
></LI
|
|||
|
><LI
|
|||
|
><P
|
|||
|
>You'll almost NEVER get 52k, the best connection I used to get was <20>48k</P
|
|||
|
></LI
|
|||
|
><LI
|
|||
|
><P
|
|||
|
>48,000 bits per second is 4,800 BYTES per second (8 bits to a byte +
|
|||
|
2 bits for the START and STOP RS-232 serial bits)</P
|
|||
|
></LI
|
|||
|
><LI
|
|||
|
><P
|
|||
|
>With an MTU of 1500, you will get (3.2) packets in one second. Since
|
|||
|
this will involve fragmentation, you need to round DOWN to (3) packets per
|
|||
|
second.</P
|
|||
|
></LI
|
|||
|
><LI
|
|||
|
><P
|
|||
|
>Again with MTU of 1500, thats 3.2 x 40 bytes of TCP/IP overhead (8%)</P
|
|||
|
></LI
|
|||
|
><LI
|
|||
|
><P
|
|||
|
>So the BEST throughput you could hope for is 4.68KB/s w/o compression.
|
|||
|
Compression, be it v.42bis hardware compression, MNP5, or MS/Stac compression
|
|||
|
can yeild impressive numbers on highly compressable stuff like TEXT files, but
|
|||
|
acutally slow things down when transfering pre-compressed files like ZIPs,
|
|||
|
MP3s, etc.</P
|
|||
|
></LI
|
|||
|
></OL
|
|||
|
></P
|
|||
|
></LI
|
|||
|
></UL
|
|||
|
></P
|
|||
|
><P
|
|||
|
>Ethernet attached setups (DSL, Cablemodem, LANs, etc)
|
|||
|
|
|||
|
<P
|
|||
|
></P
|
|||
|
><UL
|
|||
|
><LI
|
|||
|
><P
|
|||
|
>Make sure you don't have both your INTERNAL and EXTERNAL networks running on
|
|||
|
the same network card with the "IP Alias" feature. If you
|
|||
|
<STRONG
|
|||
|
>ARE</STRONG
|
|||
|
> doing this, it can be made to work
|
|||
|
but it will be excessively slow due to high levels of collisions, IRQ usage,
|
|||
|
etc. It is highly recommended that you install another network card for the
|
|||
|
internal and external networks to have their own interface.</P
|
|||
|
></LI
|
|||
|
><LI
|
|||
|
><P
|
|||
|
>Make sure you have the right Ethernet settings for both SPEED and DUPLEX. </P
|
|||
|
></LI
|
|||
|
><LI
|
|||
|
><P
|
|||
|
>Some 10Mb/s Ethernet cards and most 100Mb/s cards support FULL Duplex
|
|||
|
connections. Direct connections from an Ethernet card to, say, a DSL modem
|
|||
|
(without any hubs in between) *CAN* be set to FULL DUPLEX but only if the
|
|||
|
DSL modem supports it. You should also be sure that you have Ethernet cables
|
|||
|
with all eight wires used and that they are in good condition.</P
|
|||
|
><P
|
|||
|
>Internal networks that use HUBs -cannot- use Full Duplex. You need either a
|
|||
|
10 or 100Mb.s Ethernet <STRONG
|
|||
|
>SWITCH</STRONG
|
|||
|
> to be able
|
|||
|
to do this.</P
|
|||
|
><P
|
|||
|
>Both auto 10/100Mb/s SPEED negotiation and Full/Half DUPLEX negotiation on
|
|||
|
Ethernet cards can wreck havoc on networks. I recommend to hard code both the
|
|||
|
NIC speed and duplex into the NIC(s) if possible. This is directly possible
|
|||
|
via Linux NIC kernel modules but isn't directly possible in monolithic kernels.
|
|||
|
You will need to either use MII utililies from
|
|||
|
<A
|
|||
|
HREF="donald-beckers-nic-drivers-and-utils-faq-hw.html"
|
|||
|
>Section 8.1</A
|
|||
|
> or hardcode the
|
|||
|
kernel source.</P
|
|||
|
></LI
|
|||
|
></UL
|
|||
|
></P
|
|||
|
><P
|
|||
|
>Optimize your MTU and set the TCP Sliding window to at least 8192
|
|||
|
|
|||
|
<P
|
|||
|
></P
|
|||
|
><UL
|
|||
|
><LI
|
|||
|
><P
|
|||
|
>Though this is COMPLETELY out of the scope of this document, this helps QUITE A
|
|||
|
BIT with ANY network link you have, be it an internal or external PPP, Ethernet,
|
|||
|
TokenRing, etc. link. For more details, this topic is briefly touched in an
|
|||
|
above section in <A
|
|||
|
HREF="mtu-issues.html"
|
|||
|
>Section 7.15</A
|
|||
|
>. For even more details, check
|
|||
|
out the Network Optimization section of
|
|||
|
<A
|
|||
|
HREF="http://www.ecst.csuchico.edu/~dranch/LINUX/index-linux.html#TrinityOS"
|
|||
|
TARGET="_top"
|
|||
|
>TrinityOS - Section 16</A
|
|||
|
>. </P
|
|||
|
></LI
|
|||
|
></UL
|
|||
|
></P
|
|||
|
><P
|
|||
|
>Serial based modem users with PPP
|
|||
|
|
|||
|
<P
|
|||
|
></P
|
|||
|
><UL
|
|||
|
><LI
|
|||
|
><P
|
|||
|
>If you have an external modem, make sure you have a good serial cable. Also,
|
|||
|
many PCs have cheesy ribbon cables connecting the serial port from the
|
|||
|
motherboard or I/O card to the serial port connection. If you have one of
|
|||
|
these, make sure it is in good condition. Personally, I have ferrite coils
|
|||
|
(those grey-black metal like rings) around ALL of my ribbon cables.</P
|
|||
|
></LI
|
|||
|
><LI
|
|||
|
><P
|
|||
|
>Make sure your MTU is set to 1500 as described in the FAQ section of this
|
|||
|
HOWTO above</P
|
|||
|
></LI
|
|||
|
><LI
|
|||
|
><P
|
|||
|
>Make sure that your serial port is a 16550A or better UART. Run
|
|||
|
"dmesg | more" to verify</P
|
|||
|
></LI
|
|||
|
><LI
|
|||
|
><P
|
|||
|
>Setup IRQ-Tune for your serial ports.</P
|
|||
|
><P
|
|||
|
>On most PC hardware, the use of Craig Estey's
|
|||
|
<A
|
|||
|
HREF="http://cae.best.vwh.net/irqtune/"
|
|||
|
TARGET="_top"
|
|||
|
> IRQTUNE</A
|
|||
|
> tool and
|
|||
|
significantly increase serial port performance including SLIP and PPP
|
|||
|
connections.</P
|
|||
|
></LI
|
|||
|
><LI
|
|||
|
><P
|
|||
|
>Make sure that your serial port for your PPP connection is running at 115200
|
|||
|
(or faster if both your modem and serial port can handle it.. a.k.a ISDN
|
|||
|
terminal adapters)
|
|||
|
|
|||
|
<P
|
|||
|
></P
|
|||
|
><UL
|
|||
|
><LI
|
|||
|
><P
|
|||
|
>2.0.x kernels: The 2.0.x kernels are kind of an odd ball because you can't
|
|||
|
directly tell the kernel to clock the serial ports at 115200. So, in one of
|
|||
|
your startup scripts like the /etc/rc.d/rc.local or /etc/rc.d/rc.serial file,
|
|||
|
execute the following commands for a modem on COM2: </P
|
|||
|
></LI
|
|||
|
><LI
|
|||
|
><P
|
|||
|
> setserial /dev/ttyS1 spd_vhi</P
|
|||
|
></LI
|
|||
|
><LI
|
|||
|
><P
|
|||
|
>In your PPPd script, edit the actual pppd execution line to include the speed
|
|||
|
"38400" per the pppd man page.</P
|
|||
|
></LI
|
|||
|
><LI
|
|||
|
><P
|
|||
|
>2.2.x kernels: Unlike the 2.0.x kernels, both the 2.1.x and 2.2.x kernels
|
|||
|
don't have this "spd_vhi" issue.</P
|
|||
|
><P
|
|||
|
>So, in your PPPd script, edit the actual pppd execution line to include the
|
|||
|
speed "115200" per the pppd man page.</P
|
|||
|
></LI
|
|||
|
></UL
|
|||
|
></P
|
|||
|
></LI
|
|||
|
></UL
|
|||
|
></P
|
|||
|
><P
|
|||
|
>All interface types:</P
|
|||
|
></DIV
|
|||
|
><DIV
|
|||
|
CLASS="NAVFOOTER"
|
|||
|
><HR
|
|||
|
ALIGN="LEFT"
|
|||
|
WIDTH="100%"><TABLE
|
|||
|
SUMMARY="Footer navigation table"
|
|||
|
WIDTH="100%"
|
|||
|
BORDER="0"
|
|||
|
CELLPADDING="0"
|
|||
|
CELLSPACING="0"
|
|||
|
><TR
|
|||
|
><TD
|
|||
|
WIDTH="33%"
|
|||
|
ALIGN="left"
|
|||
|
VALIGN="top"
|
|||
|
><A
|
|||
|
HREF="masqed-ftp.html"
|
|||
|
ACCESSKEY="P"
|
|||
|
>Prev</A
|
|||
|
></TD
|
|||
|
><TD
|
|||
|
WIDTH="34%"
|
|||
|
ALIGN="center"
|
|||
|
VALIGN="top"
|
|||
|
><A
|
|||
|
HREF="index.html"
|
|||
|
ACCESSKEY="H"
|
|||
|
>Home</A
|
|||
|
></TD
|
|||
|
><TD
|
|||
|
WIDTH="33%"
|
|||
|
ALIGN="right"
|
|||
|
VALIGN="top"
|
|||
|
><A
|
|||
|
HREF="portfw-issues.html"
|
|||
|
ACCESSKEY="N"
|
|||
|
>Next</A
|
|||
|
></TD
|
|||
|
></TR
|
|||
|
><TR
|
|||
|
><TD
|
|||
|
WIDTH="33%"
|
|||
|
ALIGN="left"
|
|||
|
VALIGN="top"
|
|||
|
>( FTP ) - MASQed FTP clients don't work.</TD
|
|||
|
><TD
|
|||
|
WIDTH="34%"
|
|||
|
ALIGN="center"
|
|||
|
VALIGN="top"
|
|||
|
><A
|
|||
|
HREF="faq.html"
|
|||
|
ACCESSKEY="U"
|
|||
|
>Up</A
|
|||
|
></TD
|
|||
|
><TD
|
|||
|
WIDTH="33%"
|
|||
|
ALIGN="right"
|
|||
|
VALIGN="top"
|
|||
|
>( PORTFW ) - IP Masquerading with PORTFWing seems to break when my line
|
|||
|
is idle for long periods</TD
|
|||
|
></TR
|
|||
|
></TABLE
|
|||
|
></DIV
|
|||
|
></BODY
|
|||
|
></HTML
|
|||
|
>
|