Post 302511918 by vectox on Friday 8th of April 2011 12:59:20 AM
Solaris 11 Express NAT/Router IP Fragments

Upon replacing my Linux router/server with a Solaris one, I've noticed very poor network performance. The server itself has no issues connecting to the net, but clients using the server as a router are getting a lot of IP fragments, as indicated by some packet sniffing I conducted.

Here was my old setup.
<DSL_Modem>-<Linux Router>-<switch>-<wifi>-<macbook>
- this setup works fine, with no fragmentation or performance issues

Setup 1
<DSL_Modem>-<Sol 11 Router>-<switch>-<wifi>-<macbook>
- this setup has major packet fragmentation

Setup 2 (taking wifi out of the flow)
<DSL_Modem>-<Sol 11 Router>-<switch>-<macbook>
- this setup has major packet fragmentation

I played with various MTU settings on the Solaris server internal NIC, but it made no difference, so I tried a couple of things with the client box.

I determined the max MTU I could send from my macbook as 1464 without getting fragmentation by using:
ping -D -s 1464 <any internet ip>

Once I manually set my MTU down to 1464 on my macbook instead of the default 1500, web pages started loading normally. So here's the problem... why do I have to manually set the MTU on the client macbook when I have my Solaris server set up as a router? Is there some network-related tuning I can perform on the server that will address these issues?
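
The manual probing step in the post (a don't-fragment ping with a chosen payload size) can be automated with a binary search, as sketched here. This is an added example, not part of the original post: the function names and the PROBE override are assumptions made for illustration, and the ping flags are the macOS/BSD ones the post uses. The -s value is the ICMP payload, so the IPv4 packet on the wire is 28 bytes larger.

```shell
#!/bin/sh
# Added example: find the largest ICMP payload that crosses the path unfragmented.

# probe SIZE HOST: succeeds if one DF-flagged echo with SIZE payload bytes is answered.
# Flags are macOS/BSD ping, as in the post (-D = set Don't Fragment, -t = timeout in s).
probe() {
    ping -D -c 1 -t 2 -s "$1" "$2" >/dev/null 2>&1
}

# PROBE names the function used to test a size (hypothetical hook for offline runs).
PROBE=${PROBE:-probe}

# max_df_payload HOST [CEILING]: binary search between 0 and CEILING.
# 1472 is the ceiling on plain Ethernet: 1500 - 20 (IPv4) - 8 (ICMP).
max_df_payload() {
    host=$1
    lo=0
    hi=${2:-1472}
    "$PROBE" "$lo" "$host" || return 1   # no reply even with an empty payload
    while [ "$lo" -lt "$hi" ]; do
        mid=$(( (lo + hi + 1) / 2 ))
        if "$PROBE" "$mid" "$host"; then
            lo=$mid
        else
            hi=$(( mid - 1 ))
        fi
    done
    echo "$lo"
}

# path_mtu HOST: largest unfragmented payload plus IPv4 and ICMP headers.
path_mtu() {
    payload=$(max_df_payload "$@") || return 1
    echo $(( payload + 28 ))
}

# tcp_mss MTU: largest TCP segment that fits (MTU - 20 IPv4 - 20 TCP, no options).
tcp_mss() {
    echo $(( $1 - 40 ))
}

# Run against a host only when one is given on the command line.
if [ "$#" -gt 0 ]; then
    mtu=$(path_mtu "$1") || { echo "no reply from $1" >&2; exit 1; }
    echo "path MTU to $1: $mtu bytes, TCP MSS: $(tcp_mss "$mtu") bytes"
fi
```

With the 1464-byte payload reported in the post, this gives a path MTU of 1492 bytes and a TCP MSS of 1452 bytes.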
 

VRRPD(8)                        Vrrpd's Manual                        VRRPD(8)

NAME
       vrrpd - Virtual Router Redundancy Protocol Daemon

SYNOPSIS
       vrrpd -i ifname -v vrid [-f piddir] [-s] [-a auth] [-p prio] [-m ifname] [-c delta] [-nhD] ipaddr

DESCRIPTION
       vrrpd is an implementation of VRRPv2 as specified in rfc2338. It runs in userspace for Linux. In short, VRRP is a protocol which elects a master server on a LAN and the master answers to a 'virtual ip address'. If it fails, a backup server takes over the ip address.

       A longer answer in the rfc2338 abstract: "This memo defines the Virtual Router Redundancy Protocol (VRRP). VRRP specifies an election protocol that dynamically assigns responsibility for a virtual router to one of the VRRP routers on a LAN. The VRRP router controlling the IP address(es) associated with a virtual router is called the Master, and forwards packets sent to these IP addresses. The election process provides dynamic fail over in the forwarding responsibility should the Master become unavailable. This allows any of the virtual router IP addresses on the LAN to be used as the default first hop router by end-hosts. The advantage gained from using VRRP is a higher availability default path without requiring configuration of dynamic routing or router discovery protocols on every end-host." Copyright (C) The Internet Society (1998). All Rights Reserved.

       Monitored interface functionality is useful on high availability router or firewall platforms, where single interface failure can cause asymmetrical routing issues. Ideally, what is required is a method for a vrrpd process to detect a failure of the 'other' network interface, and lower its own VRRP priority below that of the 'backup' vrrpd process. This allows failover to occur normally.

OPTIONS
       -h     display this short inlined help

       -n     Don't handle the virtual mac address

       -D     Go into background mode, daemonize

       -i ifname
              the interface name to run on. More than one interface can be monitored by the one vrrpd process, a list like "eth1 eth2 eth3 eth4 eth5" is acceptable. Losing link-beat on any of these will cause the priority of that vrrpd process to be decreased by the specified value, or a default of 100. Note that as MII calls are used, this implementation is limited to Fast and Gigabit Ethernet chipsets only - 10Mbps Ethernet cards will not work.

       -v vrid
              the id of the virtual server [1-255]

       -s     Switch the preemption mode (Enabled by default)

       -a auth
              set the authentication type auth=(none|pw/hexkey|ah/hexkey) hexkey=0x[0-9a-fA-F]+ Password is a symbolic security, anybody with a sniffer can break it. AH is a bit stronger.

       -p prio
              Set the priority of this host in the virtual server (dfl: 100)

       -f piddir
              specify the directory where the pid file is stored (dfl: /var/run)

       -d delay
              Set the advertisement interval (in sec) (dfl: 1)

       -m ifname
              Interface(s) to monitor for failure. Use " " for multiple interfaces

       -c delta
              Set the delta to decrease priority by (dfl: 50)

       ipaddr the ip address(es) of the virtual server

EXAMPLES
       vrrpd -i eth0 -v 50 10.0.0.1
              run vrrp on the interface eth0 with the virtual id 50 and 10.0.0.1 as virtual ip address

AUTHOR
       vrrpd was written by Jerome Etienne <jetienne@arobas.net>, it was later improved by Alexandre Cassert <acassen@linux-vs.org> and David Hunter <david.hunter@gen-i.co.nz>

BUGS
       Suggestions, bugs or questions should be directed to the Sourceforge project at http://sourceforge.net/projects/vrrpd/ Bug reports regarding this package should be submitted to Debian using the reportbug or bug tool.

MORE INFO
       For more information please read the documents under /usr/share/doc/vrrpd/ : README, README.Debian FAQ and TODO.

vrrpd(8)                         December 2002                         VRRPD(8)