According to this post
https://blog.lincoln.hk/blog/2013/05/17 ... al-bridge/
he mentions using dnsmasq increases SE server speed.
I have tested this for about two weeks, in two different servers (locations), both with Debian and Ubuntu and their speed were the same.
And not only dnsmasq did not increase the speed but slowed down client IP allocation,
- secure NAT would take 1-2 second (tested with Open SSTP client on Android)
- dnsmasq would take 3-5 second (tested with Open SSTP client on Android)
Now my question is that is there any technical reason/explanation which can prove the SE server built-in secure NAT is slower? or Bridge in Linux is faster?
Regards
dnsmasq vs secure NAT
-
- Posts: 1260
- Joined: Sun Feb 14, 2021 10:31 am
Re: dnsmasq vs secure NAT
Yes, quotes from SoftEther docs...KatherineEddie wrote: ↑Mon Dec 26, 2022 12:01 pmis there any technical reason/explanation which can prove the SE server built-in secure NAT is slower? or Bridge in Linux is faster?
PERFORMANCE
FUNCTIONALITYPrecautions relating to Performance
By possessing an internal virtual TCP/IP stack, SecureNAT performs the highly advanced process of reassembling the TCP/IP stream packetized once by the TCP/IP stack and further TCP/IP packetizing via the operating system. The overhead resulting from these processes is large, such that throughput via the virtual NAT is considerably decreased when compared to physical maximum throughput, even when using a computer with sufficiently high speed. That is why virtual NAT should not be used for performance-centric applications. As previously stated, virtual NAT is a function which can be used as an alternative when the local bridge function cannot be used for security or technical reasons. Where high-speed methods such as local bridging are available, those methods should be used.
SCALABILITYThe Virtual DHCP Server provides simple DHCP server functions, and does not require System Administrator Authority to operate. The use of authentic UNIX or Windows DHCP server software is recommended where the Virtual DHCP Server functions are insufficient. Please note that there have been reports of a problem for client computers using Windows, wherein the options relating to the default gateway and DNS server received upon the previous assignment from the DHCP server are cached, and when these values are left blank on the subsequent connection, these previous ones are applied. While this appears to be a Windows OS specification, we recommend trying to connect to a separate DHCP server once in an attempt to overcome it.
static routing table to push... maximum: 64 entries
-
- Posts: 25
- Joined: Fri Nov 11, 2022 9:45 am
Re: dnsmasq vs secure NAT
Thanks , for anyone had this question here is link for that page
https://www.softether.org/index.php?tit ... CP_Servers
Just one question, is this overhead true for any environment e.g VM (virtual machines) or no, just will effect physical machines?
It is strange to me why I did not get a big difference of effects/measures using dnsmasq vs secure NAT.
So I think I have to test it more.
https://www.softether.org/index.php?tit ... CP_Servers
Just one question, is this overhead true for any environment e.g VM (virtual machines) or no, just will effect physical machines?
It is strange to me why I did not get a big difference of effects/measures using dnsmasq vs secure NAT.
So I think I have to test it more.