Background: I have an RT-AC68U with 380.69. I have an ftp server set up in passive mode, with the passive ip address response fixed to my public IP address. In order to use the ftp on my lan, I have to connect using the public ip insted of lan ip otherwise I get an error about TLS connection being not properly terminated. I'm assuming this has to do with the ftp server responding with the src address as my public ip once in passive mode. Not exactly sure.
Anyways. If I enable loopback, then I can connect just fine, and everything works great. However, the LAN throughput is very bad (40MBps on a gigabit connection). If I re-configure the server to use the local ip, so I don't have to use loopback, I get 100MBps+. I can see the router cpu at 100% during the ftp transfer, so I'm guessing the loopback is limiting throughput.
Is there a way to improve this performance? Alternatively, is there another way to set up my iptables/ftp server such that I can use passive mode from both LAN and WAN?
Thanks!
Anyways. If I enable loopback, then I can connect just fine, and everything works great. However, the LAN throughput is very bad (40MBps on a gigabit connection). If I re-configure the server to use the local ip, so I don't have to use loopback, I get 100MBps+. I can see the router cpu at 100% during the ftp transfer, so I'm guessing the loopback is limiting throughput.
Is there a way to improve this performance? Alternatively, is there another way to set up my iptables/ftp server such that I can use passive mode from both LAN and WAN?
Thanks!