I've recently begun running a torrent client after hours on a PC sitting
behind our firewall (7.2-STABLE using pf). I have added a 'rdr' rule to
redirect incoming traffic to the client PC from the firewall, and as far
as the client is concerned everything is fine.

However, after a short period of torrent activity, the machine running
the firewall becomes extremely slow and lagged for all network traffic,
but appears to be operating fine locally. Remote connections via ssh
become extremely unresponsive, and eventually connections start timing
out, but when logged in at the console, there doesn't appear to be any
problem. Running tcpdump does not show unusually high volume of traffic,
no more than I see during normal activity during the day. The volume
and length of connections doesn't seem to matter much -- trying to copy
a BSD or Linux DVD with hundreds of connections breaks just as quickly
as much smaller torrents with a handful of peers.

I know there are some cheap NAT-ing routers that get in trouble with
torrents because of the heavy volume of state rules required, but I've
never heard of anything like that being present in pf. And I've used
torrent clients at home behind a pf firewall with no issues, but not on
this specific version of FreeBSD.

I've tried shutting down the torrent client, clearing out the state and
nat rules with pfctl, adding drop rules to reject the torrent traffic,
and even bringing the network adapter down completely, but only a
physical reboot (combined with not running the client ever again) seems
to solve anything.

Has anyone experienced this kind of problem before? Or alternatively,
is there some way besides tcpdump and top (neither of which show
anything unusual) that I can tell what exactly the machine is doing
that's causing the network lag?
--Mike