I just have to point out that below I made a statement that proved I
should of gone to bed earlier instead of doing benchmarks :). The 901
http States and ssh state have nothing to do with each other as there on
different pf rules.
Mike
Michael VInce wrote:
I did watch the gateway (B) pf state table and did an ab test with and
without pf running, I didn't see any difference in results when having
pf running with stateful rules, ab's Time per requests stayed low and
transfer rates stayed high. Most of the time the total states were
exactly 900 (plus 1 for ssh session) which would make sense
considering the 900 keep-alive concurrency level on the ab test.
pftop output
RULE ACTION DIR LOG Q IF PR K PKTS BYTES STATES MAX
INFO
0 Pass In Q em2 tcp M 37362067 1856847K 901
inet from any to server-c port = http
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
