I would be very grateful if someone could pinpoint the
source of this problem (and even more grateful for
a solution).
Since I can't get more public IP addresses, I have
set out to do NAT translation with a sort of
port forwarding to another web server (on another
machine, 192.168.25.1) on port 5006:

    iptables -t nat -A PREROUTING -p tcp -d EXT_IP \
        --dport 5006 -j DNAT --to-destination 192.168.25.1
    iptables -t nat -A POSTROUTING -p tcp -s 192.168.25.1 \
        --sport 5006 -j SNAT --to-source EXT_IP

It works - but it's slow as hell!!
I download the test file from the main HTTP server
(over the internet) at 160-180 KB/s, while with
the NATted server the transfer is about 16 KB/s - 10
times too slow!!!
(It's definitely not the issue of the 2nd webserver
box having little resources, it has a lot of resources;
besides, locally over Ethernet and without NAT it's
very fast)
I set the policy on all chains to ACCEPT, I tried
emptying the tables leaving only the above rules, etc.;
nothing works, it's still slow.
Kernel 2.4.22 / FedoraCore 1.
Is anybody here using a 2.6 kernel for this sort
of work? If so, is it slow, too, or is it working
like it should be?
--
"Nothing travels faster than the speed of light with the possible
exception of bad news, which obeys its own special laws. The
Hingefreel people of Arkintoofle Minor did try to build spaceships
that were powered by bad news but they didn't work particularly well
and were so extremely unwelcome whenever they arrived anywhere
that there wasn't really any point in being there." ...