Re: slow download

2011-10-22 Thread Stuart Henderson
On 2011-10-21, Michel Blais wrote: > No bridge, just routed. > > We use pmacct because we need > the memory plug in for dynamicly > unpriorise those taking too much > bandwith for fair sharing policy. > We also use pmacct on FreeBSD > and Linux so we have the same > tool everywhere and use the sam

Re: slow download

2011-10-21 Thread Michel Blais
No bridge, just routed. We use pmacct because we need the memory plug in for dynamicly unpriorise those taking too much bandwith for fair sharing policy. We also use pmacct on FreeBSD and Linux so we have the same tool everywhere and use the same scripts on every platform. Thanks Michel Le 21 oc

Re: slow download

2011-10-21 Thread Michel Blais
2011/10/21 Michel Blais > This is for a firewall and main gateway of my network. > Is a atom dual core cpu 1.6 Ghz with 2 Go or RAM > It have 2 realtek onboard nic but since I wanted Intel NIC, I added a 3 > intel NIC optional board. > > em0 is use to connect to my ISP fiber link > em1 is use to

Re: slow download

2011-10-21 Thread Stuart Henderson
You haven't explained what this machine is doing. But a few random comments from a wild assumption that it's just routing packets + PF: - MP is not helping you, and may be making things worse - amd64 is probably not helping you, and may be making things worse - try comparing kern.pool_debug=0 and

Re: slow download - sysctl limit ?

2011-10-21 Thread Michel Blais
I reseted everything (reboot it), After that, change ifq.maxlen from 256 to 512, after 1024 and finally for 2056. ifq.drops always stay at 0 and I still have around half paquets dropped by kernel. thanks Michel 2011/10/21 Daniel Melameth > If sysctl net.inet.ip.ifq.drops is greater than zero,

Re: slow download - packets "dropped by kernel"

2011-10-21 Thread Michel Blais
packets "dropped by kernel" The number of packets that were dropped, due to a lack of buffer space. http://publib.boulder.ibm.com/infocenter/aix/v6r1/index.jsp?topic=%2Fcom.ibm.aix.cmds%2Fdoc%2Faixcmds5%2Ftcpdump.htm I saw on a forum to give more value to bpf size : change those value 2 time

Re: slow download - sysctl limit ?

2011-10-21 Thread Michel Blais
really look like a sysctl limit, tcpdump give me lot of packets dropped by kernel. I commented every block rule to be sure it was not a rules mistake in pf pfctl -vnf /etc/pf.conf without tables and macro set limit states 196608 set limit src-nodes 16384 set limit frags 8192 set limit tables 1024