On Wednesday 13 December 2006 07:10, Charles Sprickman wrote: > Hi all, > > I'm running a 6.2-RC1 box (cvsup'd today) that has two broadcom nics. > One is an internal network (nfs) and the other is external. > > PF has this rule for all traffic on the private net: > > [EMAIL PROTECTED] /home/jails]# pfctl -sr|grep bge1 > pass in quick on bge1 inet from 192.168.1.0/24 to any > pass out quick on bge1 inet from any to 192.168.1.0/24 > > No state since these are "quick" and symmetrical. > > Doing something like "ls /usr/ports" will just hang until interrupted. > Using tcp for nfs makes it workable, but very slow. > > If I disable pf (pfctl -d), both types of mounts work, and speed is > excellent. I also just found that if I remove the "scrub in all" > statement and change it to "scrub in on bge0", things are fine. > > Any idea what's going on? The tcpdump output confuses me (see "bad > cksum!"), so I'm posting some snippets here.
As Luke already pointed out, "no-df" on the scrub rule should help. As for the "bad cksum!" - this is a symptom of checksumming done in hardware. ifconfig bge1 -rxcsum -txcsum should get rid of them. -- /"\ Best regards, | [EMAIL PROTECTED] \ / Max Laier | ICQ #67774661 X http://pf4freebsd.love2party.net/ | [EMAIL PROTECTED] / \ ASCII Ribbon Campaign | Against HTML Mail and News
pgppB7vvCmPvM.pgp
Description: PGP signature
