Iptables 网关缓慢

tag-icon tag-icon networking iptables
Iptables 网关缓慢

我正在尝试使用一台旧笔记本电脑作为从有线局域网到 WiFi 互联网热点的网关:

局域网路由器->ubuntu 笔记本电脑->互联网热点

我找到了一种将笔记本电脑设置为网关的方法,它在转发数据包方面“有效”,但一旦我这样做,我的吞吐量就会立即下降。

在笔记本电脑上:

~$ ping google.com
PING google.com (142.250.176.14) 56(84) bytes of data.
64 bytes from lax17s51-in-f14.1e100.net (142.250.176.14): icmp_seq=1 ttl=112 time=41.7 ms
64 bytes from lax17s51-in-f14.1e100.net (142.250.176.14): icmp_seq=2 ttl=112 time=52.3 ms
64 bytes from lax17s51-in-f14.1e100.net (142.250.176.14): icmp_seq=3 ttl=112 time=50.7 ms
64 bytes from lax17s51-in-f14.1e100.net (142.250.176.14): icmp_seq=4 ttl=112 time=38.6 ms
64 bytes from lax17s51-in-f14.1e100.net (142.250.176.14): icmp_seq=5 ttl=112 time=46.6 ms
64 bytes from lax17s51-in-f14.1e100.net (142.250.176.14): icmp_seq=6 ttl=112 time=44.7 ms
64 bytes from lax17s51-in-f14.1e100.net (142.250.176.14): icmp_seq=7 ttl=112 time=52.5 ms
^C
--- google.com ping statistics ---
7 packets transmitted, 7 received, 0% packet loss, time 6011ms
rtt min/avg/max/mdev = 38.590/46.719/52.463/4.997 ms

~$ sudo iptables -A FORWARD -o wlp2s0 -i enp3s0 -s 192.168.1.0/24 -m conntrack --ctstate NEW -j ACCEPT
~$ sudo iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
~$ sudo iptables -t nat -F POSTROUTING
~$ sudo iptables -t nat -A POSTROUTING -o wlp2s0 -j MASQUERADE

~$ ping google.com
PING google.com (142.250.176.14) 56(84) bytes of data.
64 bytes from lax17s51-in-f14.1e100.net (142.250.176.14): icmp_seq=1 ttl=112 time=3788 ms
64 bytes from lax17s51-in-f14.1e100.net (142.250.176.14): icmp_seq=2 ttl=112 time=3594 ms
64 bytes from lax17s51-in-f14.1e100.net (142.250.176.14): icmp_seq=3 ttl=112 time=3307 ms
64 bytes from lax17s51-in-f14.1e100.net (142.250.176.14): icmp_seq=4 ttl=112 time=3670 ms
64 bytes from lax17s51-in-f14.1e100.net (142.250.176.14): icmp_seq=5 ttl=112 time=3894 ms
64 bytes from lax17s51-in-f14.1e100.net (142.250.176.14): icmp_seq=6 ttl=112 time=3947 ms
64 bytes from lax17s51-in-f14.1e100.net (142.250.176.14): icmp_seq=7 ttl=112 time=4091 ms
^C
--- google.com ping statistics ---
11 packets transmitted, 7 received, 36.3636% packet loss, time 13691ms
rtt min/avg/max/mdev = 3307.409/3755.984/4090.852/240.026 ms, pipe 5

我不太了解 iptables 设置,但显然有些不对劲。

编辑:以防万一,笔记本电脑的规格如下:

  • Turion M500 (64 位 2 核)
  • 4GB内存
  • 无线:RTL8191SEvB
  • 以太网:RTL810xE

相关内容