Florin Andrei wrote:
I expected OpenBSD 4.1 to do better. But the thing is, even without the
UDP flood, the OpenBSD firewall is very slow. I am downloading a huge
file through it, via HTTP, and all I get is 4 Mbyte / sec. With Linux I
get 112 Mbyte / sec.
Something's wrong. Or I'm doing something wrong.
Disabled all pf rules including NAT, now it's just "pass in ; pass out"
Now the download is able to saturate the gig ports, about 112 Mbyte / sec.
But it's still not constantly at 112, it sometime drops below that about
10%. When that happens, CPU0 has 0% idle cycles. A lot of interrupts,
always above 70% on CPU0, going to 99% when the download slows down.
The congestion counter is now 0.
The UDP flood still freezes the system solid (but I discovered that the
system clock continues to work more or less fine, it's just the text
console and the firewall that are not responsive).
I still can't match the performance I get from Linux. Any suggestion is
appreciated.
--
Florin Andrei
http://florin.myip.org/
