Hello -- I am testing out a couple of new firewalls running openbsd 3.6 (plan to upgrade to 3.7 soon), I did some searches to see what kind of performance I can expect and didn't come up with much other than one posting where a guy got more than 800Mbit of throughput.
Currently I am testing with pf disabled, just bridging the traffic to take pf out of the picture. Without bridging the traffic I get about ~700Mbit of throughput. When I bridge the traffic it peaks at ~500Mbit(as measured by iperf between 2 linux hosts) CPU spends approx 20-40% servicing interrupts according to top. I was expecting similarly good results(at least closer to wire speed) as the poster who got 800Mbit+ of throughput as my hardware is approx twice as fast as his(he had a 1.8Ghz Xeon) system specs: Supermicro 6034HX8R Motherboard Intel Xeon EM64T 3.4Ghz 1MB Cache(1 CPU) 2GB PC3200 Registered ECC DDR-II Memory ICP Vortex SCSI Raid card with 128MB Cache - 4 x 36GB U320 10k RPM SCSI disks in raid 10 Dual onboard Intel GigE network cards(em driver) Dual port PCI-X Intel GigE network card(em driver) Quad port PCI-X Intel GigE network card(em driver) I have both interfaces on the dual port PCI card bridged, and both pairs of interfaces on the quad port bridged. Performance does not vary between the dual port PCI-X and the quad port PCI-X. I was hoping with the dual and quad port cards that it would reduce interrupt hits if both ends of the bridge are on the same card. I haven't tried crossing the bridge between the two cards yet. while this performance is acceptable, I was hoping for some tips on getting it closer to wire speed, or reducing interrupt usage. Since I don't seem to be CPU bound(~70% idle) perhaps it is network driver related? Is there a better driver to use? Or a better network card? thanks nate
