I freshly installed FreeBSD 13.1 on a Dell Poweredge r730 server which has a quad port QLogic NetXtreme II BCM57800 10GbE adapter. This newer box is replacing my old FreeBSD 13.0 server which was running on some ancient hardware. I'm using it as a NAT gateway (among other things) to provide internet access for my home network. Everything seemed to be working as expected until I noticed that some devices on my network were experiencing very slow network speeds out to the internet through NAT on this new server but to server itself the speeds were fine. The server was also getting the expected speed out to the internet when I'd test from it locally. I had basically just copied the natd setup from my old server and thought I must have messed something up in the config. I had wanted to migrate to in-kernel ipfw NAT eventually anyhow so figured why not do it now. But after getting the ipfw NAT set up, I still had the same issue. After going down many dead ends and much hair pulling, one thing I noticed was that hosts on my network using a VPN did not seem to be affected by the slowdown. That caused me to realize that the VPN is using UDP and that only TCP connections were being slowed. So, I started disabling the various TCP hardware offloads in the NIC driver with ifconfig to see if any of those would improve the speed. I found the one which was causing the problem, LRO (TCP large receive offload). I added "-lro" to the ifconfig_... lines in my rc.conf to make the change permanent and rebooted. No more slow NAT! But does anyone know why this would only affect TCP sessions going through NAT and is there a better way to solve this?
