On 2013-10-07, Loïc BLOT <[email protected]> wrote: > Now with pfsync state are synchronized but late, then client must launch > 2 or 3 TCP connections and when it works it's very slow. > I also have tried defer mode and increasing maxupd but no changes > appear. I also add Is there anything more to do ?
defer helps, but if your typical scenario is to have a path split between two routers (rather than just having this happen occasionally) you may well be better off just using sloppy states. On 2013-10-07, Lo\xc3\xafc BLOT <[email protected]> wrote: > Hmmm > I solved it by removing 'in' from pass in quick <...> test that longer connections work ok (or verify that you get wscale information in all states associated with a connection, pfctl -ss -v shows this) > Here is a pfsync configuration example: > up syncdev vlanXX5 syncpeer 10.XX.X.129 > > The latency between the two host is very light, because they are on the > same switch, with a dedicated VLAN have you tried a direct cable? I find latency significantly lower that way..
