I use both fxp and em NICs and have great throughput. You may want to
check the full-half duplex settings/agreements -- configured and
actual-operation -- with the pf box AND EACH adjacent device.
Disagreements can provoke a lot of re-sends.
Also, with the slower link, you may want to try implementing queuing so
that --at a minimum-- the tos lowlatency packets are prioritized over
the bulk large packet traffic. Queue is assigned on the PASS OUT
rule(s).
Something like...
---pf.conf frag---
altq on <outside> priq bandwidth 640Kb queue { Q1, Q7 }
queue Q7 priority 7
queue Q1 priority 1 priq(default)
#
#...
#
pass out on <outside> ... queue(Q1, Q7)
#
---pf.conf frag---
/S
-----Original Message-----
From: Chris Cohen <[EMAIL PROTECTED]>
To: misc@openbsd.org
Subject: Re: 4.2-current throughput with pf enabled
Date: Fri, 11 Jan 2008 19:38:59 +0100
Mailer: KMail/1.9.7
Delivered-To: [EMAIL PROTECTED]
On Friday 11 January 2008 18:36:54 scott wrote:
> re-test and post with in your ruleset
>
> pass in quick on fxp0 inet from any to any keep state
> pass out quick on $ext_if inet from any to any keep state
>
Did that, didn't change anything. Maybe I should add some details:
I generated the traffic by simply dding from /dev/zero from one machine in my
lan to a machine in my dmz (but i got almost the same results with ftp/http).
They are in two different vlans which are both attached to em0. fxp0 is the
interface to my adsl modem.
