I have been using IPNat for approximately 5 years unmodified. Updating
to new x86 hardware and the new 4.0 GENERIC kernel (but keeping mostly
the same userspace), my ipnat gateway now has a very annoying 3 second
delay added to the establishment of every outgoing TCP connection.
I've traced the 3 second delay with tcpdump and found the culprit: the
first packet on a newly established TCP connection is always dropped
(after the 3 way handshake). It is received okay on the first interface
but never transmitted to the second interface. 3 seconds seems to be
the retransmit timeout on my Windows PC on the firewalled side. After
that first packet drop and 3 second retransmit delay, the rest of the
TCP session is fine.
Anybody have any ideas? The 2 ethernet devices are sip0 and bge0 and
this is my ipnat.conf:
map sip0 from 192.168.0.0/16 ! to 192.168.0.0/16 -> 67.40.67.44/32 proxy
port ftp ftp/tcp
map sip0 from 192.168.0.0/16 ! to 192.168.0.0/16 -> 67.40.67.44/32
portmap tcp/udp 40000:60000
map sip0 from 192.168.0.0/16 ! to 192.168.0.0/16 -> 67.40.67.44/32
//Jesse Off
