On 19.12.2022. 17:35, David Hajes wrote: > hi guys, > > I have simple PcEngines APU2 router running latest OpenBSD stable. > > em0 is WAN (bridge to CaTV modem with 1Gbps/100Mbps connectivity with normal > ether connectivity with DHCP...no special stuff like PPPoE) > > em1-3 is in vether/bridge mode with NAT routing to local network. > > I have complained to ISP about speeds because it supposes to run almost 1Gbps. > > results (speedtest.net used by ISP for some reason): > > 800+/85 Mbps measured by ISP technician directly from CaTV modem. > 440MBps/85Mbps simple NAT firewall pf.conf based on OpenBSD suggestions > 380/80Mbps with my strict firewall rules > > I have used following guide > http://dant.net.ru/calomel/network_performance.html No changes, same > performance. > > Checking out router monitoring > > 3k packets/s firewall throughput > pf_states lookup max. 12k/s, ~2k/s > CPU bored, max. load 25% > RAM 2.6 GB from 4GB free, swap never used > > I am guessing HW is not issue. > > Is there any issues with bridging local interfaces, and routing/NAT > performance, please? > > I tried to Google answers, and there is lots of whining but no real info. It > supposes to run double speed, at least 800Mbps as shown by ISP technicians. > > Any suggestions for bottleneck, please? >
Could you try veb(4) instead bridge(4) ? Bridge is quite slow https://undeadly.org/cgi?action=article;sid=20220319123157
