Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Solaris 11 Express NAT performance issues
Operating Systems Solaris Solaris 11 Express NAT performance issues Post 302511913 by vectox on Friday 8th of April 2011 08:02:19 PM
Old 04-08-2011
Found the problem...working on the solution
So I did some packet sniffing and determined that the problem is IP fragmentation. Here is my setup

<DSL_Modem>-<Linux Router>-<switch>-<wifi>-<macbook>
- this setup works fine, with no fragmentation or performance issues


<DSL_Modem>-<Sol 11 Router>-<switch>-<wifi>-<macbook>
- this setup has major packet fragmentation

<DSL_Modem>-<Sol 11 Router>-<switch>-<macbook>
- this setup has major packet fragmentation

I played with various MTU settings on the solaris servers internal NIC, but it made no difference so I tried a couple of things with the client box.

I determined the max MTU I could send from my macbook as 1464 without getting fragmentation by using:
ping -D -s 1464 <any internet ip>

Once I manually set my MTU down to 1464 instead of the default 1500 web pages are loading normally. So here's the problem...why do I have to manually set the MTU on the client macbook when I have my solaris server setup as a router. Is there some network related tuning I can perform on the server that will address these issues?

---------- Post updated at 08:02 PM ---------- Previous update was at 12:31 AM ----------

I've posted this problem in the network area because of the nature of the problem once I broke it down to fragments

Solaris 11 Express NAT/Router IP Fragments
 

8 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Installing Solaris behind a windows NAT...

Greetings, and thank you for your time. I am cracking the whip to self-teach myself Unix because I think it will be the best platform for me to really open my mind and be creative. Sadly I lack anyone experienced in Unix to nag with questions, so you will be seeing a lot of me here I am sure... (4 Replies)
Discussion started by: Dustin
4 Replies

2. IP Networking

Destination NAT using ipnat in Solaris 8

Hello People, Please can someone help me with destination IP address NAT and Port transalation using ipnat in Solaris 8. Scenario: Box A(192.168.100.1/24) and Box B (192.168.100.50/24) are connected phyically and logically(vlan) on the same network switch. Box A hosts an... (0 Replies)
Discussion started by: mandarawachat
0 Replies

3. Solaris

raidctl performance issues

using the internal 2 drives mirror was created using raidctl on 100's of our servers . sometime when one drive fails we dont face any issue & we replace the drive with out any problem . but sometimes when one drive fails , system becomes unresponsive and doesnot allow us to login , the only way to... (1 Reply)
Discussion started by: skamal4u
1 Replies

4. UNIX for Dummies Questions & Answers

Awk Performance Issues

Hi All, I'm facing an issue in my awk script. The script is processing a large text file having the details of a number of persons, each person's details being written from 100 to 250 tags as given below: 100 START| 101klklk| ... 245 opr| 246 55| 250 END| 100 START| ... 245 pp| 246... (4 Replies)
Discussion started by: pgp_acc1
4 Replies

5. IP Networking

Solaris 11 Express NAT/Router IP Fragments

Upon replacing my linux router/server with a Solaris one I've noticed very poor network performance. The server itself has no issues connecting to the net, but clients using the server as a router are getting a lot of IP fragments as indicated from some packet sniffing I conducted. Here was my... (3 Replies)
Discussion started by: vectox
3 Replies

6. UNIX for Advanced & Expert Users

ipf/ipnat NAT/port forward issues

I've been going crazy trying to get this working. Here's the situation: we have a Solaris 10 box that connects an internal network to an external network. We're using ipf/ipnat on it. We've added a couple of new boxes to the internal network (192.168.1.100, .101) and want to be able to get to port... (1 Reply)
Discussion started by: spakov
1 Replies

7. Solaris

Getcwd performance issues

Hello everyone, recently we have been experiencing performance issues with chmod. We managed to narrow it down to getcwd. The following folder exists: /Folder1/subfol1/subfol2/subfol3 cd /Folder1/subfol1/subfol2/subfol3 truss -D pwd 2>&1 | grep getcwd 0.0001... (4 Replies)
Discussion started by: KotekBury
4 Replies

8. IP Networking

Debugging NAT / prerouting issues (iptables)

Hello, Recently I discovered an issue with packet routing in the latest Android releases (4.4+ KitKat & Lollipop). It seems that the problem Android specific, but essentially it comes from the Linux kernel. I already filed a bug report to Google. You can see the details by searching for... (0 Replies)
Discussion started by: Vladislav
0 Replies

LEARN ABOUT DEBIAN

isatapd

isatapd(8)						      ISATAP client for Linux							isatapd(8)

NAME

       isatapd - ISATAP client for Linux

SYNOPSIS

       isatapd --help
       isatapd [ --daemon ] [ --link device ] [ options ] [ router ] [ ... ]

DESCRIPTION

       isatapd is a userspace program or daemon that sets up and maintains an ISATAP client tunnel by using the kernels ISATAP capabilities, first
       introduced with 2.6.25.

       The program will create the tunnel, periodically query the specified routers, add them to the potential router list , send periodic  router
       solicitations and parse router advertisements.  isatapd will try to keep the tunnel up and running, even if the network topology changes.

       See NOTES below for more information

OPTIONS

       -n --name name
	      Name of the tunnel interface. Default is is0.

       -l --link device
	      Tunnel  link  device.  If specified, tunnel will be restricted to that device, allowing multiple instances of isatapd with different
	      tunnels. The tunnel can only exist as long as the link device is up and has a IPv4 address configured.

	      If unspecified, the outgoing IPv4 address will be guessed for the first router and the tunnel created accordingly. The tunnel device
	      will only created, if there is a possible IPv4 source address to reach the first router.

       -m --mtu bytes
	      Sets  the MTU to value for the tunnel device, minimum is 1280. If unspecified, the kernel will choose the MTU automatically, usually
	      1480.

       -t --ttl hoplimit
	      Set the tunnel hoplimit, default is 64. Specifying 'auto' or 'inherit' will make the tunnel inherit the ttl from the linked device.

       -N --nopmtudisc
	      Disable (IPv4) Path MTU Discovery on this tunnel. For this to work --ttl has to be set to inherit. Default: do Path MTU Discovery to
	      reduce redundant fragmentation.

       -r --router router
	      Set  a  potential  router.   isatapd will resolv the hostname, add the IPv4 address to the PRL and send periodic router solicitation
	      messages. Up to 10 potential routers can be specified, the default is the unqualified domainname "isatap".

       -i --interval seconds
	      Default interval to send router solicitations. If the router lifetime is lower, the interval will be 80 of  the  router's  lifetime.
	      Can be used to force solicitations at a shorter interval.

	      Default: auto

       -D --check-dns seconds
	      Interval to perform DNS resolution of configured routers and to recreate the PRL, if necessary. Set to 0 to disable.

	      Default: 3600 sec = 1 hour

       -d --daemon
	      fork to background. No logging is available yet.

       -p --pid file
	      Store  the pid as plaintext to file. The pid file will be write-locked to prevent multiple running instances. Useful for scripts and
	      when running isatapd as a daemon.

       --user username
	      Drop privileges to this user when running the solicitation loop.

	      Default: nobody

       -v --verbose
	      increase verbosity

       -q --quiet
	      decrease verbosity

       -h --help
	      print usage

       --version
	      print version

EXIT STATUS

       On success zero is returned, otherwise a non-zero value is returned.

SIGNALS

       SIGHUP Force sending router solicitations and recreate the tunnel, if neccessary.

       SIGINT SIGTERM
	      Gracefully shut down tunnel device and terminate.

SYSLOG

       isatapd logs to stderr when run in foreground and to syslog(3), using the facility LOG_DAEMON. Verbosity can be controlled with the -v  and
       -q switches.

NOTES

       Network	data  will  be	processed by isatapd with privileges of an unprivileged user to minimize impact of bugs in the networking code. To
       create and maintain the tunnel device, root privileges are necessary.

       Whenever the tunnel link interface goes down or the source address for the local  tunnel  endpoint  changes,  the  tunnel  device  will	be
       destroyed and recreated, if possible. Note that till then your tunnel might be in a unusable state.

AUTHORS

       Sascha Hlusiak <mail@saschahlusiak.de>

       Kwong-Sang Yin <kwong-sang.yin@boeing.com>

       Fred Templin <fred.l.templin@boeing.com>

SEE ALSO

       ip(8) syslog-ng(8)

       http://www.ietf.org/rfc/rfc5214.txt

isatapd-0.9.6							November 15th, 2009							isatapd(8)
All times are GMT -4. The time now is 01:31 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy