Hi,
I'm still seeing slow performance with my port-forwarding but have found something interesting that may be problematic.
Just to re-cap:
I have one Linux 66.283.12.21 box and one Windows box 192.168.0.10
I can download a file of the linux box at around 140K/s
That very same file download on the Windows machine is around 15K/s using DNAT and Masq/Forwarding.
However we can upload to the Windows box at 140k/s.
So it is only slow, 15K/s, when the data is coming from Windows then through the Linux Iptables Masq/Forwarding Firewall.
I contacted an earlier Admin for the Windows machine and was informed the TCP window size has been manually increased.
Could this affect Forwarding in Iptables ?
The default maximum TCP window size in Win2000 is 17520 bytes (12 segments).
The current value is set at 131400.
Max window size is 64k without scaling - so I assume they have turned scaling on aswell - there have been problems with scaling, one of the linux kernel releases set it to 7 which confused buggy peers. AIUI they turned it back down to workaround.
You could tcpdump so you can can see what's going on.
90% of the traffic being port-forwarded are Digital video files. These range in size from 2MB to 200MB.
So I assume with large files like these Windows would opt for it's largest TCP window size.
I guess the next step is to lower these to their default values and see if it affect bandwidth.
Your thoughts on that would be much appreciated.
Thanks. Regards, Rudi
