[NAT and ROUTING] Packet loss on FreeBSD 9.0

Hi,

I have some problems with two FreeBSD 9.0 servers (32bit) as router/firewall.

The first is a physical HP Proliant DL380 and the second one a VM (esx - for backup).

When I have no IP traffic on both (from one FreeBSD to the second FreeBSD): the test command ping -c 500 -s 500 -i 0.1 <IP-ADDRESS-FW>: 0% of loss.
But, when I have 1 MB/s: 20% of loss. It's the same when I use this test command to the Cisco management IP and to the provider router.

For each server,
  • interface0: WAN on a Cisco with no errors on each interface - 100 Mb full duplex forced
  • Interface1: LAN on a Cisco with no errors on each interface - 100 Mb full duplex forced - with workstation on this side

IP Address on master:
  • WAN
    • on interface: 10.0.0.253/24
    • alias0: 10.0.0.1/24
    • alias1: 10.0.0.100/24
  • LAN
    • on interface: 10.10.0.253/24
    • alias0: 10.10.0.1/24

IP Address on slave:
  • WAN
    • on interface: 10.0.0.254/24
  • LAN
    • on interface: 10.10.0.254/24

I have tried to use the test command with and/or without the PF rules and/or the NAT PF rules. I have the same problem when I disable PF (filtering and nat).

On both for the /etc/rc.conf
Code:
gateway_enable="YES"
pf_enable="YES"

On both for the /etc/sysctl.conf
Code:
net.inet.icmp.icmplim=0

Any idea to solve this problem?

If you need more information, ask me.

I did not post the /etc/pf.conf because with pf disabled I have this problem.

Thank you in advance.
 
Yes ;)

scheme_01.png
 
It's hard to say from the info you gave; it could be the interface, the Cisco device, or FreeBSD misconfiguration. Did you do any other tests?

You say there is no loss when there is no IP traffic (but ICMP is riding along with IP), and there is 20% loss when there is 1Mbps. What about higher throughput? Same loss? Need more info.
 