Hi Stuart, Thanks a lot for your response. I guess you made a point that for any few-users usecase the default configuration is fine alrady really. If relevant some followup question at bottom.
> On 2017-12-14, ti...@openmailbox.org <ti...@openmailbox.org> wrote: >> Hi! >> >> Do you see any typical pf.conf or sysctl settings to tweak/speedup >> NAT/networking stack throughput? >> >> (On USB2 dongles, sigh. >> >> Current speed is quite OK actually, a client with good hardware would get up >> to 70mbps through the NAT. I was still curious to know if there are any >> obvious toggles in sysctl/pf.conf for up:ing NAT/networking stack throughput >> though. RAM is not an issue with me, I have plenty. I thought possibly some >> settings were set to unnecessarily low defaults, for OpenBSD to work well on >> machines with <1GB RAM, say.) >> >> Tinker > > Generally not. The most common things to touch are: > > - raising net.inet.ip.ifq.maxlen if net.inet.ip.ifq.drops is > increasing (trade-off against latency). My net.inet.ip.ifq.drops is 0 so I guess this one is not relevant to me. > - increasing "set limit states" on busier systems if needed. There's not users enough for the system to hit the 10,000 states default cap. > - using a wider port range than the default 50001:65535 on busier > systems if needed (in PF nat rules; avoid starving the host itself > of free ephemeral ports for locally initiated connections). This should be fine also, again not enough users. Indeed on USB3 NIC on USB2 port. 1. Could I set the NAT in some type of less secure / more promiscuous mode, that would give multimedia applications such as video calling, more space to act? 2. I was thinking, is there any cap for the networking stack's use of buffer space, that could constrian throughput, and that would be configurable? 3. Could it be useful in any few-users scenario to up the "frags" pf limit (and so the "kern.maxclusters" sysctl)? 4. What are good commands to run to monitor NAT/networking stack throughput & health? Thanks! Tinker
