# sysctl | grep ifq net.inet.ip.ifq.len=0 net.inet.ip.ifq.maxlen=1024 net.inet.ip.ifq.drops=46068291 net.inet6.ip6.ifq.len=0 net.inet6.ip6.ifq.maxlen=256 net.inet6.ip6.ifq.drops=0
# cat sysctl.conf net.inet.ip.forwarding=1 kern.bufcachepercent=90 net.ip.ifq.maxlen=1024 On Wed, Aug 16, 2017 at 5:06 PM, Hrvoje Popovski <hrv...@srce.hr> wrote: > On 16.8.2017. 19:55, Juan Guillermo Narvaez wrote: > > Hello everyone! > > > > I'm relative new using OpenBSD, I have just 4 years using this OS for > dhcp > > servers. > > Today I have the mission of implement this OS in a cablemodem headend, in > > my first try I get negative results with this rules: > > > > *pass all flags S/SA* > > > > *#LAN* > > *match out log on bge0 inet from 192.168.254.0/24 < > http://192.168.254.0/24> > > to any nat-to 200.91.35.55* > > *pass on bge0 inet from 192.168.254.0/24 <http://192.168.254.0/24> to > any > > flags S/SA* > > *#CPE Network* > > *match out on bge0 inet from 172.21.0.0/19 <http://172.21.0.0/19> to any > > nat-to 200.91.35.55* > > *pass on bge0 inet from 172.21.0.0/19 <http://172.21.0.0/19> to any > flags > > S/SA* > > > > This is a basic PF that I use for this try, the CPE network has 900 > active > > customers. > > When I put the whole customer network traffic through my OpenBSD router > the > > traffic tend to fall slowly and the LAN network is really slow too. I > read > > about a lot of 'tweaks' the high performance configurations but I think > > that OpenBSD can handle 400mbps without tweaking. > > > > I'm wrong? > > What am I doing bad? > > > > Thank you! > > > > > > > > > > could you send dmesg, cat /etc/sysctl.conf and sysctl | grep ifq > > i'm having 2 old Dell R610 with 2 x E5630 cpu and bcm5709 nic's in very > standard pf,carp,pfsync,pflow setup and on top of that i'm logging > everything. boxes are doing cca 100k states and having around 2k hosts > behind them ... of course that i'm running -current :) > > -- J. Guillermo Narvaez @_aran0id
dmesg.tar.xz
Description: application/xz
