* Looking for IPtables developers - Need help at core of iptables (not configuration)
@ 2004-07-27 18:59 Leon Bene
2004-08-01 16:59 ` Harald Welte
[not found] ` <5.2.0.9.2.20040802161432.00aac218@pop.benesconsulting.com>
0 siblings, 2 replies; 4+ messages in thread
From: Leon Bene @ 2004-07-27 18:59 UTC (permalink / raw)
To: netfilter-devel
I am using iptables in Redhats' release (ES) of Linux. In version 7.1 of
Redhat (iptables 1.2.1a) it forwarded packets just fine. Now with iptables
1.2.8 the outbound traffic hangs for about 5 seconds on rapid small packet
transmissions.
I am not asking for support just a question about iptables 1.2.8. It looks
like iptables 1.2.1a just passed on packets and did not keep track of the
number of unanswered packets, with 1.2.8 it behaves like it keeps track of
unanswered packets and stops (waits) once the buckets are filled until some
packets clear. Is this true? I am trying to understand the differences in
1.2.1a and 1.2.8 that would lead to the hanging.
Thanks, and if I need to pay or donate then tell me where and I am happy to
do so.
Leon Bene'
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: Looking for IPtables developers - Need help at core of iptables (not configuration)
2004-07-27 18:59 Looking for IPtables developers - Need help at core of iptables (not configuration) Leon Bene
@ 2004-08-01 16:59 ` Harald Welte
[not found] ` <5.2.0.9.2.20040802161432.00aac218@pop.benesconsulting.com>
1 sibling, 0 replies; 4+ messages in thread
From: Harald Welte @ 2004-08-01 16:59 UTC (permalink / raw)
To: Leon Bene; +Cc: netfilter-devel
[-- Attachment #1: Type: text/plain, Size: 901 bytes --]
On Tue, Jul 27, 2004 at 11:59:38AM -0700, Leon Bene wrote:
> I am using iptables in Redhats' release (ES) of Linux. In version 7.1 of
> Redhat (iptables 1.2.1a) it forwarded packets just fine. Now with iptables
> 1.2.8 the outbound traffic hangs for about 5 seconds on rapid small packet
> transmissions.
iptables-1.2.1a/1.2.8 are the userspace programs only, they never see or
touch a single packet - all happens in the kernel.
Please describe more detailed what particular problem you seem to be
encountering.
--
- Harald Welte <laforge@netfilter.org> http://www.netfilter.org/
============================================================================
"Fragmentation is like classful addressing -- an interesting early
architectural error that shows how much experimentation was going
on while IP was being designed." -- Paul Vixie
[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 189 bytes --]
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: Looking for IPtables developers - Need help at core of iptables (not configuration)
[not found] ` <5.2.0.9.2.20040802161432.00aac218@pop.benesconsulting.com>
@ 2004-08-03 14:45 ` Harald Welte
2004-08-03 17:37 ` Chris Brenton
0 siblings, 1 reply; 4+ messages in thread
From: Harald Welte @ 2004-08-03 14:45 UTC (permalink / raw)
To: Leon Bene; +Cc: Netfilter Mailinglist
On Tue, Aug 03, 2004 at 07:21:55AM -0700, Leon Bene wrote:
> Problem
>
> Using computer A and on the Internet or connected to another companies
> network (via cisco VPN), the connection hangs for about 5 or 10 seconds
> (the hang is seen on Computer A). No data is lost, just the whole
> transaction waits intermittently for 5 to 10 seconds. Test example:
> Using Microsoft Excel I open a workbook on a remote server. Then start at
> the top of a worksheet. Then I hold the down arrow key to scroll down the
> worksheet. At row 49 the whole scrolling process stops, waits 5 seconds and
> then starts scrolling again. If I use the page down key (seems like fewer
> outbound packets) I can scroll down the whole worksheet without any pausing.
Sorry for being blunt, but what kind of crappy measurement method is
this? Who does network latency testing by MS Excel?
Give me some real data like 'tcp session establishing took XXX seconds,
as indicated by the following tcpdump' or 'ping shows extremely high
RTT'.
> Thanks
> Leon
--
- Harald Welte <laforge@netfilter.org> http://www.netfilter.org/
============================================================================
"Fragmentation is like classful addressing -- an interesting early
architectural error that shows how much experimentation was going
on while IP was being designed." -- Paul Vixie
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: Looking for IPtables developers - Need help at core of iptables (not configuration)
2004-08-03 14:45 ` Harald Welte
@ 2004-08-03 17:37 ` Chris Brenton
0 siblings, 0 replies; 4+ messages in thread
From: Chris Brenton @ 2004-08-03 17:37 UTC (permalink / raw)
To: Harald Welte; +Cc: Leon Bene, Netfilter Mailinglist
On Tue, 2004-08-03 at 10:45, Harald Welte wrote:
>
> Sorry for being blunt, but what kind of crappy measurement method is
> this? Who does network latency testing by MS Excel?
I was trying to bite my tongue on this one, but since you responded...
;-)
I doubt this "test" has anything to do with the network. Excel is going
to load the entire file into memory before displaying it. This means
that if you watch the wire while you "hold down the arrow keys", you are
not going to see any network traffic.
Since more like a display or memory issue on the client.
Chris
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2004-08-03 17:37 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2004-07-27 18:59 Looking for IPtables developers - Need help at core of iptables (not configuration) Leon Bene
2004-08-01 16:59 ` Harald Welte
[not found] ` <5.2.0.9.2.20040802161432.00aac218@pop.benesconsulting.com>
2004-08-03 14:45 ` Harald Welte
2004-08-03 17:37 ` Chris Brenton
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.