iptable DNAT poor performance

Asked Jan 09 '13 at 16:13

Active Jan 09 '13 at 16:13

Viewed 405 times

I have the following rule for PORT FORWARDING:

root@foo:~# iptables -t nat -S
-P PREROUTING ACCEPT
-P INPUT ACCEPT
-P OUTPUT ACCEPT
-P POSTROUTING ACCEPT
-A PREROUTING  -p udp -m udp --dport 1:1024 -j DNAT --to-destination 192.168.100.10
-A PREROUTING  -p tcp -m tcp --dport 1:1024 -j DNAT --to-destination 192.168.100.10

running an iperf (tcp connection), I get a 10 x worse result than without Port Forwarding, just with routing. Because I couldn't find any real benchmark, i ask it here: Is that normal a so huge drop in the thoughput using iptables DNAT? Is that possible to optimize it?

asked Jan 09 '13 at 16:13

VP.

iptable DNAT poor performance

0 Answers0