On 23/06/14 21:33, Henning Brauer wrote:
* Chris Cappuccio <[email protected]> [2014-06-23 20:24]:
I have a sandy bridge Xeon box with PF NAT that handles a daily 200
to 700Mbps. It has a single myx interface using OpenBSD 5.5 (not
current). It does nothing but PF NAT and related routing. No barage
of vlans or interfaces. No dynamic routing. Nothing else. 60,000 to
100,000 states.
With an MP kernel, kern.netlivelocks increases by something like 150,000
per day!! I The packet loss was notable.
With an SP kernel, the 'netlivelock' counter barely moves. Maybe 100 per
day on average, but for the past week, maybe 5.
as already said in private, I'm not seeing anything like that which
makes me wonder what is different for you.
Me neither
# uname -a
OpenBSD server 5.5 GENERIC.MP#156 i386
sysctl -a|grep netlive
kern.netlivelocks=50
# pfctl -ss|wc -l
73203
# pfctl -sr|wc -l
294
routing/firewalling/some NAT at ~ 500Mbps
G
