[Bug 211380] Add rule to avoid packets that natd divert doesn't need to see

bugzilla-noreply at freebsd.org bugzilla-noreply at freebsd.org
Tue Jul 26 11:55:17 UTC 2016 

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=211380

            Bug ID: 211380
           Summary: Add rule to avoid packets that natd divert doesn't
                    need to see
           Product: Documentation
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: Documentation
          Assignee: freebsd-doc at FreeBSD.org
          Reporter: ahicks at p-o.co.uk

Created attachment 172993
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=172993&action=edit
Patch to add firewall rule to example

natd can have higher utilisation when it sees unnecessary packets.

Adding a rule to send packets out that natd doesn't need to reduces CPU cycles.

For background see
https://lists.freebsd.org/pipermail/freebsd-ipfw/2013-February/005306.html

My testing and implementation reduced ~50% wcpu to < 1%

-- 
You are receiving this mail because:
You are the assignee for the bug.

More information about the freebsd-doc mailing list