[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ipfilter
Subject:    Slow connections to web pages requiring NT authentication
From:       "Jim McAtee" <jmcatee () mediaodyssey ! com>
Date:       2002-08-29 16:08:23
[Download RAW message or body]

I tried posting this to the FreeBSD questions list and didn't really get much
to help me address the problem.

I'm testing a firewall setup (FreeBSD 4.6.2 Release) with ipfilter compiled
into the kernel.  I'm using ipnat to nat from a network with 192.168.3.0/24
addresses to the public ip address on the external facing interface.  For
testing, currently I've got ipf rules passing all traffic.  The firewall
machine has two Intel 10/100 NICs.  The machine behind the firewall from which
I'm testing is running Windows 2000 Professional.

Everything works as expected, except when browsing web pages that require NT
authentication.  They load completely, but very very slowly.  Other pages
being served from the same web server, and which require no authentication,
load quite fast.

I've also notice that if I try to ping a machine on the other side of the
firewall with packets of 1473 bytes or larger, then I receive no response.
Smaller than that and I get 100% response.  Pinging interfaces on the firewall
itself with very large ICMP packets gets 100% response.

Jim

[prev in list] [next in list] [prev in thread] [next in thread]