(trying one more time; netfilter archive seems to have scrubbed the whole message for PGP signature...) ... (sorry, should have sent this to the list) Boryan Yotov wrote: >> On the NAT box, my Internet connection goes up to about 700 kilobytes per >> second, regardless of the protocol used (e.g., ssh or http). >> On clients behind the NAT box, however, HTTP connections seem to top out >> around 70 kilobytes per second. ssh connections (e.g., rsync) get the >> full throughput of the Internet connection. > Are you sure, you don't have some kind of a traffic shaping > active on the NAT gateway's internal interface? > For example: If tc is used, you could check that using: > tc class show dev <nat_box_internal_interface> > and > tc filter show dev <nat_box_internal_interface> I do have traffic shaping on the *external* interface, but it is not port dependent. tc class|filter show dev <internal_interface> gives an empty response. Also, when I clear the queue (I use wondershaper, so running wondershaper clear), it seems I still have the same problem. ...But is there some way that outbound traffic shaping on the external facing interface could somehow impact *inbound* HTTP traffic on an internal client connected to the internal facing interface? -- Adam Rosi-Kessel http://adam.rosi-kessel.org
