[CentOS] Performance of CentOS as a NAT gateway

Mon Sep 10 21:47:31 UTC 2007
Les Mikesell <lesmikesell at gmail.com>

Bart Schaefer wrote:

>> Or are you saying that LAN-to-LAN traffic maxes out at 10Mbps, it is
>> a little vague.
> LAN-to-gateway traffic (e.g., a test FTP of a large file from the
> gateway to a machine on one of the LANs) begins to degrade as the
> LAN-to-internet traffic increases.  That's not surprising, but it
> degrades disproportionately, i.e. when the FTP begins to show
> intermittent stalls, the total traffic visible at the router on the
> internet side of the gateway is only in the just-over-10Mb/s range.
> Once we get to this point, no matter how many more LAN-to-internet
> connections become active, the router on the internet side never sees
> much over 10Mb/s of traffic.  We're not losing data or having an
> unusual number of connection timeouts; each connection just slows
> down.  We figured on some slowdown for NAT, but not 80%+.
> LAN-to-LAN traffic that doesn't involve the gateway behaves more like
> we'd expect, but I'm not sure that eliminates the switch as the
> culprit.

How much 'other stuff' is happening on these networks (either side) that 
might be passed by the switches?  It's a long shot but if you've 
assigned multiple IP addresses to the interface, the card is probably 
going into promiscuous mode to accept them all and then there will be 
interrupts and a small amount of CPU work to discard the ones you don't 
need.  It might be worth firing up something like ntop for a while to 
categorize what's really going by - and you might find something like a 
virus trying to make connections as fast as it can.

   Les Mikesell
    lesmikesell at gmail.com
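
Added example, not part of the original message: alongside the ntop run suggested above, the gateway's own connection-tracking table can show whether one LAN host is opening connections as fast as it can. This assumes the NAT is done with netfilter connection tracking (the thread does not say); the function names and the sample table are constructed for illustration.

```shell
#!/bin/sh
# Summarise a conntrack table by LAN source address.
# Reads /proc/net/ip_conntrack or /proc/net/nf_conntrack style lines on
# stdin; prints "<source> <total entries> <unreplied entries>", busiest first.
conntrack_by_source() {
    awk '
    {
        src = ""; unreplied = 0
        for (i = 1; i <= NF; i++) {
            # The first src= field is the original (pre-NAT) direction.
            if (src == "" && index($i, "src=") == 1) src = substr($i, 5)
            if ($i == "[UNREPLIED]") unreplied = 1
        }
        if (src == "") next          # not a conntrack entry
        total[src]++
        if (unreplied) noreply[src]++
    }
    END {
        for (s in total) printf "%s %d %d\n", s, total[s], noreply[s] + 0
    }' | sort -k2,2nr -k1,1
}

# Print the sources whose unreplied-entry count is at least $1.
suspect_sources() {
    conntrack_by_source | awk -v min="$1" '$3 >= min { print $1 }'
}

# Constructed sample table (documentation addresses, not from the thread).
sample_table() {
    cat <<'EOF'
tcp 6 431999 ESTABLISHED src=192.168.1.10 dst=192.0.2.80 sport=51234 dport=80 src=192.0.2.80 dst=203.0.113.5 sport=80 dport=51234 [ASSURED] use=1
tcp 6 431990 ESTABLISHED src=192.168.1.10 dst=192.0.2.21 sport=51240 dport=21 src=192.0.2.21 dst=203.0.113.5 sport=21 dport=51240 [ASSURED] use=1
udp 17 25 src=192.168.1.11 dst=192.0.2.53 sport=5353 dport=53 [UNREPLIED] src=192.0.2.53 dst=203.0.113.5 sport=53 dport=5353 use=1
tcp 6 119 SYN_SENT src=192.168.1.23 dst=198.51.100.1 sport=40001 dport=445 [UNREPLIED] src=198.51.100.1 dst=203.0.113.5 sport=445 dport=40001 use=1
tcp 6 119 SYN_SENT src=192.168.1.23 dst=198.51.100.2 sport=40002 dport=445 [UNREPLIED] src=198.51.100.2 dst=203.0.113.5 sport=445 dport=40002 use=1
tcp 6 118 SYN_SENT src=192.168.1.23 dst=198.51.100.3 sport=40003 dport=445 [UNREPLIED] src=198.51.100.3 dst=203.0.113.5 sport=445 dport=40003 use=1
tcp 6 118 SYN_SENT src=192.168.1.23 dst=198.51.100.4 sport=40004 dport=445 [UNREPLIED] src=198.51.100.4 dst=203.0.113.5 sport=445 dport=40004 use=1
EOF
}

sample_table | conntrack_by_source
```

On a live gateway, pipe the real table in place of `sample_table` (reading it requires root); a source with many unreplied entries to many different destinations is the one to look at first.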