I already have a Zywall internet firewall/router box, but for added protection I want to use iptables on the RH Linux 8.0 apache box that is serving web pages.
The problem I have is whenever iptables is turned on I get ping spikes. I have deleted all rules and even without any rules I still get these spikes. The spikes only occur when iptables is turned on and when pinging the box from a station. Pinging out from the box is fine without any spikes. Pinging from the LAN the spikes are not too bad, about every 8-10 pings and it only goes up to 20ms. But if I ping in from the internet the spikes are between 200 to 800ms, instead of the steady 30ms-40ms with iptables turned off. The PC is a Pentium 4, w/512mb memory with top showing very little resources being used. Anyone have any ideas on this one?
I don't know. I don't think it's a security issue.
What about traceroutes to the webserver and actual connections? Any weird latency problems there too? Does your iptables script do more than just load rules? Like change /proc values?