Dear all, I test the performance of TPROXY (cttproxy-2.4.20-14) on a dual XEON, Giga-bit machine. The environment setting is: Client <-------> Proxy <---------> Server #1: With TPROXY, fully transparent (both to client and to server) #2: Without TPROXY, no transparency, client connects to proxy directly. #3: With iptables built-in REDIRECT, Half transparent (to client only) #4: With TPROXY, Half transparent (to client only) The results are: #1: 184 Mbits/s #2: 671 Mbits/s #3: 554 Mbits/s #4: 551 Mbits/s From #2 and #4, the overhead of one NAT is 120 Mbits/s. #1 (fully transparency) is too bad....It should be around 430 Mbits (671 - 120 * 2 since two NATs ) Does anyone know why the performance drops so drastically when using fully-transparency??? Thanks, Eric Li __________________________________ Do you Yahoo!? Yahoo! Mail - 250MB free storage. Do more. Manage less. http://info.mail.yahoo.com/mail_250