iptables and masquerading - slow to initiate connection

From: Rob (rw133_at_excite.com)
Date: 08/15/04

Next message: Digi: "Re: Firewalling?"
Previous message: PenguinsAnonymous_at_NotaChance.com: "Re: Thinkpad wireless masquerade"
Next in thread: jack: "Re: iptables and masquerading - slow to initiate connection"
Reply: jack: "Re: iptables and masquerading - slow to initiate connection"
Reply: Rob: "Re: iptables and masquerading - slow to initiate connection"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Date: 15 Aug 2004 13:44:36 -0700

Howdy, all!

I am using iptables on a dual-NIC Mandrake 10 box as a home network
masquerading firewall and DNS server.

In general, everything works (internet name resolution and web
browsing) except that initial response times are very slow - browsing
to sites from the linux box always fail immediately on the first
attempt and I need to click on the reload button, and pages are slow
to respond from my Windows XP workstation behind the firewall.

If I ping a host on the internet from either the firewall or from my
workstation behind the firewall, name resolution is very fast but the
first two ping replies are always lost:

>ping mail.yahoo.com

Pinging login.yahoo.akadns.net [216.109.127.60] with 32 bytes of data:

Request timed out.
Request timed out.
Reply from 216.109.127.60: bytes=32 time=55ms TTL=241
Reply from 216.109.127.60: bytes=32 time=44ms TTL=241

Ping statistics for 216.109.127.60:
Packets: Sent = 4, Received = 2, Lost = 2 (50% loss),
Approximate round trip times in milli-seconds:
Minimum = 44ms, Maximum = 55ms, Average = 49ms

Any ideas? This is driving me crazy!

Thanks,

Rob

Next message: Digi: "Re: Firewalling?"
Previous message: PenguinsAnonymous_at_NotaChance.com: "Re: Thinkpad wireless masquerade"
Next in thread: jack: "Re: iptables and masquerading - slow to initiate connection"
Reply: jack: "Re: iptables and masquerading - slow to initiate connection"
Reply: Rob: "Re: iptables and masquerading - slow to initiate connection"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Relevant Pages

Re: AD, DHCP or maybe DNS problem?
... if I use the firewall it doens't work. ... I already setup several RRAS servers and they work fine, ... but can't use the internet on) below are my pings ... Ping statistics for 127.0.0.1: ...
(microsoft.public.windows.server.active_directory)
Re: AD, DHCP or maybe DNS problem?
... RRAS firewall enabled I have the problem, If i remove the basic firewall when ... worked and my trace gets out to MSN, but internet still ... Ping statistics for 127.0.0.1: ... Approximate round trip times in milli-seconds: ...
(microsoft.public.windows.server.active_directory)
Re: AD, DHCP or maybe DNS problem?
... the Basic Firewal (In the internal Interface or in the Public Interface)? ... RRAS firewall enabled I have the problem, If i remove the basic firewall ... but can't use the internet on) below are my pings ... Ping statistics for 127.0.0.1: ...
(microsoft.public.windows.server.active_directory)
Re: avast
... > Just did a clean installation of xp pro sp1 and download 'avast anti ... Did you firewall before connecting to the internet? ... Internet and patch with the critical updates? ... Why you should use a computer firewall.. ...
(microsoft.public.windowsxp.general)
Re: routing
... That's a known server on Internet; the one hosting www.tldp.org and it does ... That means that your routing host is unable to reach Internet. ... Not ping but connect by ssh. ... Is there any firewall on host1? ...
(Debian-User)