I have a server that is also a firewall router at a public library with a fiber optic Internet connection. It is running kernel
2.6.32-642.4.2.el6.x86_64 (current CentOS 6.8) and Iptables 1.4.7 (current stock CentOS 6.8). I having trouble with Internet throughput. I am supposed to be getting 20Mbits down and 20MBits up, but I am not getting that. It has no problem doing 20MBits down, but for uploads of *large* files (using different protocols, such as SSH or http), the upload starts at 20MBits, but over time quickly slows down to about 3MBits. Speedtests claim I am getting about 20/20. I seem to be about to get 3Mbits *per transfer*, even if the transfers are concurrent and MRTG shows total throughput edging up to 6Mbits.
What can possibly be going on. My ISP is not believing there is anything wrong on their end. About the only thing left is maybe some sort of weirdness with Iptables imposing some sort of I/O overhead, maybe related to the MASQUERADE postrouting. Does this even make sense?