Hi all,
On 02 août 2007, at 08:24, Daniel Hartmeier wrote:
On Wed, Aug 01, 2007 at 05:42:19PM +0200, Patrick Proniewski wrote:
While playing around with systat I've discovered that the transfer
rate can be as low as 20 KB/s and as high as 850 KB/s on a single
download from http://test-debit.free.fr, but the mean value will
always be around 120-150 KB/s when pf is active. From one sample to
another (every second), the transfer rate is very erratic.
If I disable pf on ext_if (set skip on $ext_if), the transfer rate
reaches quickly 850 KB/s and is almost stable. It decreases to
400-450 KB/s for 1 or 2 seconds, 3 or 4 times per minute.
Enable pf debug logging (pfctl -xm), note output of pfctl -si,
reproduce
the problem. Then run pfctl -si again. See /var/log/messages for lines
from pf. Post all three outputs ;)
logging and other forensic methods were of no help here, but I've
made several tests, commenting and un-commenting pf rules. I've found
the guilty piece of rule.
my pf.conf used to have this rule:
pass out on $ext_if proto tcp all modulate state flags S/SA
I've changed options to:
pass out on $ext_if proto tcp all flags S/SA keep state
then my bandwidth is no longer throttled !
Looks like the servers/networks I'm connected to do not like
"modulate state".
regards,
pat_______________________________________________
freebsd-pf@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
