What is the profile of the network traffic ? Protocol ? Connections/second ? Packet size ?
Change the policy to Block log all Pass log all keep state Perform the test again, check the firewall logs to see what if anything is being dropped. 500 megabits/second a lot of traffic for an internet connected device. The state table could be filling up for example. http://prefetch.net/articles/monitoringpf.html http://www.packetmischief.ca/2011/02/17/hitting-the-pf-state-table-limit/ > -----Original Message----- > From: Dmitri Budko [mailto:[email protected]] > Sent: Sunday, 5 June 2011 11:11 PM > To: Greg Hennessy > Cc: [email protected] > Subject: Re: pf speed drops > > Hello > I look via systat -if 1 > > Greg Hennessy пишет: > > As measured by? > > > > > > > >> -----Original Message----- > >> From: [email protected] [mailto:owner-freebsd- > >> [email protected]] On Behalf Of Dmitri Budko > >> Sent: Sunday, 5 June 2011 7:43 PM > >> To: [email protected] > >> Subject: pf speed drops > >> > >> Hello. > >> When I turn on the PF server internet speed drops from 500 megabits to > >> 100, after the shutdown goes back to 500 > >> > >> The rules are simple > >> > >> pass in all > >> pass out all > >> > >> OS: FreeBSD GW 7.3-RELEASE FreeBSD 7.3-RELEASE # 3 > >> Network card: em0: <Intel(R) PRO/1000 Network Connection 6.9.6> > >> > >> How is it possible to solve this problem? > >> _______________________________________________ > >> [email protected] mailing list > >> http://lists.freebsd.org/mailman/listinfo/freebsd-pf > >> To unsubscribe, send any mail to "[email protected]" > >>
_______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-pf To unsubscribe, send any mail to "[email protected]"
