[Soekris] Which distro gives best performance?
Chris Buechler
soekris at chrisbuechler.com
Tue Dec 19 18:17:37 UTC 2006
Brett Glass wrote:
> They mention, in their beta notes, that they had to do kernel
> patches to allow simultaneous NAT and traffic shaping. I wonder
> why that would be.
>
Because ipfw/dummynet and ipfilter won't play nicely together without
it. It first became an issue in FreeBSD 5.3, and 6.1 required a
different fix.
It only affects inbound NAT (if you open ports on your WAN into hosts on
internal networks), and the problem it causes is the inbound traffic
just disappears after getting passed by ipfilter. It has no effect on
outbound traffic. That's my best explanation as a non-programmer, Manuel
figured out the underlying cause of the problem and wrote the kernel
patches.
-Chris
More information about the Soekris-tech
mailing list