I didn't see but are you using Nat? If so do things change with Nat disabled? Also could you try disabling the Scrub option and seeing if that makes a difference?
-----Original Message----- From: Peter Zaitsev [mailto:[EMAIL PROTECTED] Sent: Monday, October 31, 2005 10:55 AM To: support@pfsense.com Subject: Re: [pfSense Support] Dump states featue On Mon, 2005-10-31 at 06:21 -0600, Randy B wrote: > > I got to this point just running about 500 requests/sec in apache > > benchmark. No keepalive. > > > > Strike me as inexperienced here, but wouldn't you want to tweak PF a bit > for your environment? Did you try the "Firewall Optimization Options" > and set it to aggressive? Right. I tried "aggressive" - the effect is similar. I should clarify once again - I do not need 500 requests/sec I would be quite fine even with 100 req/sec at this point. The problem is what happens to the box with such load - after couple of minutes of intensive load the CPU drops to zero and there is 20-30 sec + of total inactivity (watching vmstat) - this leads to very large response times for some requests - in apache benchmark, or if I'd like to refresh status page on pfsense. > > Methinks one would have a firewall set up differently when putting it in > front of a large webserver as opposed to fronting a SOHO network, which > is what most of us have Right. I know SOHO market will get more users than what I'm trying to do :) --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
