I am running a native 64 bit kernel. I thought it might be somthing like that but couldn't find anythign in the documentation that said it defaulted to 10000 entries. I just figured out how to view the limit in pfctl. I will increase it and see if that makes the issue go away. Thanks very much for the suggestion, -Matthew ________________________________
From: Scott Ullrich [mailto:[EMAIL PROTECTED] Sent: Tue 6/28/2005 11:29 AM To: Grooms, Matthew Cc: [email protected]; [EMAIL PROTECTED]; IS-Network Subject: Re: pf performance issues ... On 6/28/05, Grooms, Matthew <[EMAIL PROTECTED]> wrote: [snip] > This is a dual 3GHz amd64 box ( UP kernel at the moment ), with 4 gigs > of ram and 6x em interfaces. It is mostly a stock kernel with pf,pfsync,carp > and altq ( but no altq rules ) support compiled in and ipv6 disabled ( config > attached ). Is this running natively as 64 bit or i386 32bit? > Am I running into a limit on some kernel tunable? After a few minutes of > routing traffic to pf setup, the state table had approx 10000 entries in it. > Are there some global pf limits to tweak or should it scale well out of the > box? The internet connection is only 7Mbit so I am at a loss. Is there a > cache or buffer limit somewhere I should watch? Any ideas? I believe the default state limit size is 10,000. Could you be hitting this number and then noticing the slowdown because your out of state entries? Scott _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-pf To unsubscribe, send any mail to "[EMAIL PROTECTED]"
