JP Vossen wrote:
> I recently moved my wireless access point to a dedicated interface on my 
> M0n0wall generic-pc 1.231 running on an 10 year old OptiPlex Gs+ P166. 
> (Wow, I'd forgotten how *old* that box was!  M0n0wall works great, 
> though the GUI is a tad sluggish.)
> 
> When the WRT54GL wireless AP was directly on the LAN, standard def MPEG2 
> played over MythTV perfectly.  Now that I've firewalled it (separate 
> segment, non-bridged) and opened up TCP/3306 and TCP/6543-6544 (tried 
> with and w/o 'frag'), playback is too choppy to watch.  It will play for 
> ~2 seconds, pause for ~2 seconds, etc.
> 
> I'm only using 21% of memory and CPU load is in the 0-5% range even when 
> attempting to watch MythTV.  No VPNs, pretty small environment.  FYI the 
> LAN and W_LAN ports are on the same IntelDual (fxp driver) card (though 
> I know the packets still have to leave the card to go through packet 
> filtering).  The LAN itself is a D-Link DLI-DGS-1224T "smart" 
> 10/100/1000 switch, and as noted when everything was local to that it 
> worked fine (since the limit there was wireless speed).
> 
> While I admit the FW hardware is ancient (P166!), according to M0n0wall 
> I'm still barely using it.  Does anyone think throwing hardware at the 
> firewall will fix this problem?  If so, why, since CPU and RAM use are 
> so low.  What am I missing?
> 
> Would the latest M0n0wall beta firmware help?

The switch is more likely to be the bottleneck. Even if the NIC is 
capable of full-duplex, there is no guarantee that it works well with 
that switch. The first thing I would try is add a second NIC and split 
the LAN and WAN subnets. You can probably get away with just a 
turnaround cable on the WAN side if you don't have another hub or switch.

Bob McConnell
N2SPP