Hello there, I'm facing an strange performance problem. I have a Firewall running Fedora Core 5, kernel 2.6.15, iptables 1.3.5 between 2 networks. The 1st network is a network with about to 70 desktops. The 2nd network is a network with about to 20 servers. I'm using 1 Intel 100Mbits and 1 Intel 1000 Mbits, plugged on a 10/100/1000 3Com Switch. I'm having an horrible performance with the traffic flow from and net to another. I made some transfer tests and I can't get more than 5 MB/s. The hardware used is a Pentiu 4 2.26 GHz with 1 GB Ram, running only iptables. I have read some papers about tunning tcp/ip stack on linux, but nothing seems to speed it up. I'm using statefull inspection, and for testing purposes I have created a rule like: iptables -A FORWARD -i eth0 -o eth1 -s aaa.bbb.ccc.ddd/32 -d eee.fff.ggg.hhh/32 -j ACCEPT iptables -A FORWARD -i eth1 -o etho -s eee.fff.ggg.hhh/32 -d aaa.bbb.ccc.ddd/32 -j ACCEPT But, I got the same results. Any clues? -- Regards, Alejandro Flores http://www.triforsec.com.br/
