Just a fast followup.
While pulling 133K down via BitTorrent I decided to run some tests
through the 4.1 firewall with hping. Nothing serious, just different
flags.
My queues, from pftop:
qo_tcp_ack priq 7 790K 49M 0 0
0 163 9939
qo_dns priq 5 8585 649K 0 0
0 0 0
qo_ssh_im priq 4 82759 6853K 0 0
0 0 0
qo_http priq 2 37196 16M 0 0
0 0 0
qo_def priq 419K 99M 749 241139
0 59 31K
qo_null priq 0 0 0 0 0
0 0 0
first test, SYN against port 22:
# hping3 -p 22 -S <hostname>
--- <hostname> hping statistic ---
9 packets tramitted, 8 packets received, 12% packet loss
round-trip min/avg/max = 66.5/356.0/1243.1 ms
Second, SYN against port 80:
# hping3 -p 80 -S <hostname>
--- <hostname> hping statistic ---
110 packets tramitted, 98 packets received, 11% packet loss
round-trip min/avg/max = 19.3/540.5/9137.1 ms
Third, ACK against port 80:
# hping3 -p 80 -A <hostname>
--- <hostname> hping statistic ---
17 packets tramitted, 16 packets received, 6% packet loss
round-trip min/avg/max = 1.5/2.2/9.2 ms
I'm less concerned about dropped packets (most likely an issue with
wireless) than with the huge delta between fastest and slowest
connection.
I may followup with tests through 4.2 next week or so.
