If this router is not doing some kind of proxying, tuning tcp related kernel bits will not impact "long fat pipe" or "long fat network" issues. The place that needs to be tuned for larger window sizes/scaling is the web server. http://www.psc.edu/networking/projects/tcptune/#Linux or search for "Linux TCP tuning" or "large fat pipes" Also make sure your firewall isn't "helping" you out by "cleaning up" the TCP SYN/ACK sequence and fiddling with the window scaling stuff. Also if you have load balancers, they might break this stuff as well. Good luck, -Allen Chris wrote:
Thanks for all the answers. I'm currently going down the path of looking at IPtables' conntrack slowing the forwarding rate.
If I can't find any more docs then I'll boot the router with a kernel without any IPtables built-in and see if that's it.
As Lee said "rollback" ! That's the last change to the box. If I can rule out the logging of traffic from conntrack is slowing down the forwarding then I can look into hardware further ;-)
Chris