Iptables + dnsmasq: causing intermittent internet activity

[cyb0rg51]

I seem to have a bizarre issue with connecting to the internet from behind my wireless router. I almost want to say it's a hardware issue
When browsing the internet i almost have to constantly refresh the page before it will even load otherwise it times out on most occasions
However if i play a game the latency and connectivity will be fine..
If I ping from the computer behind the wireless router i will get a 1 in 10 packet loss with a latency average of 60ms
If I ping from the Gentoo Server i receive 0% packet loss with 50ms latency average

This is the layout of the network:
[Cable Modem] => [Gentoo Server] => [Wireless Router] => [Clients]

The Gentoo Server is a 400mhz processor with 192megs of ram and 2 NIC's installed

The wireless router is using DHCP to serve its clients with built in firewall settings enabled
The Gentoo Server has iptables v1.3.8 and dnsmaq 2.40 installed

eth1 = WAN (24.65.xxx.xxx) **this is a 10mbps NIC
eth0 = LAN (192.168.200.1) ** this is a 100mbps NIC

dnsmasq is set to listen on eth0 and assign the wireless router 192.168.200.2 based on the mac address

[cyb0rg51]

sorry for the bump, but i'm still not having any luck..
Any tools or apps that anyone knows of to test internal / external network connectivity?

Does iptables require a specific amount of memory / cpu speed to perform effeciently?

[PhoeniXII]

am not a wizard with this stuff, but i can tell yah that you dont need much for a firewall / dnsmasq server
I use a pentium 133 with 96MB for it and it just runs fine.

my guess here is, that you lose packets because of the wireless connection,
you could check if you still lose packets if you wire the clients up to the router.

[cyb0rg51]

Thanks for the information and reply. I didn't think iptables / dnsmasq would be resource intensive either.
As for the wireless router, the machine i'm testing is wired directly to it..
If I swap the role of the Gentoo Server with the wireless router (making the router the gateway and gentoo just a DHCP member) i don't have any issues at all.

[cyb0rg51]

I ordered two new NIC's.. So once I install those, i'll see if that fixes the problem

[cyb0rg51]

I just installed two new NIC's..

Even with the NIC installed, i still seem to have intermittent internet activity.. Everything internal works flawless and dns resolving seems quick..

I still think it's pretty odd how when I run "ping -t google.com" it's fine but when I try to browse the internet or connect to an Instant Messenger application it seems to lag out.

Anyone else have any ideas?

[cyb0rg51]

Anybody else having the same issues?

[Stonic]

What is doing the routing, your server or the wireless router?

I have a similar setup, but I disable all DHCP/Routing/Firewall features off on my wireless, so it's just an access point, my server does all the DHCP/Routing and is the firewall.

I noticed that on my Vista laptop, IE7 is really slow compared to my XP with firefox, and flsuhing / re-establishing my firewall on the server will resolve this problem for some reason (Where the other applications would run flawlessly, and ping responses are great and without loss)

I'm not sure if this will help you out at all, but if you take the wireless router out of the equation, and connect your computer to the internal NIC to do further testing, I'm sure you could resolve the problem

[cyb0rg51]

Well at first both the gentoo server and the wireless router had dhcp on.. I tried taking your suggestion by allowing only the Gentoo Server doing the DHCP and using the wireless router as the access point. But that didn't seem to work for me.. Every client that was connected to the wireless router would not get assigned an IP address even though the router would have an IP address assigned.

This is too bad for me because I really wanted to use Gentoo as a personal firewall, but since I can't seem to get my wireless router and the server to corporate with each other then I guess I have to try another setup..

I am going to re-image the system with IPCop and see if I have any luck with that, since i haven't had much luck with this setup.

Thank you all for your support and help.

[chinker]

My internet setup is as follows:

Cable Modem>Gentoo Box (Server/Firewall)>Gigabit Switch w/ wireless AP plugged in>Client machines

I added the wireless AP so I could connect a new laptop w/ wireless to my current network. After doing so I found that I was unable to browse certain websites when on the laptop but the same websites would work on any machine directly connected to the gigabit switch. So, I thought maybe the AP was busted and ordered new hardware. That was not the problem. Also, I have tested the wireless on the laptop using another network and do not have any problems. I have also connected it directly into the switch and did not have any problems. I traced the problem back to the Gentoo machine but have not found any solutions thus far. I am running a 2.6 kernel with a basic firewall.