On Thu, Jan 27, 2005 at 10:17:35AM +0100, marc gmx wrote: > I try to obtain the differents informations. > On this run, 157 packets are lost.
Hmm, there's nothing wrong with those packets. There are very few cases where pf can drop a packet, increase its own 'blocked' counters, but not increase another counter that tells us what the reason was. The next likely cause is congestion of an interface's send queue. Can you check output of # netstat -i bge0 -d # netstat -i bge1 -d before and after another test? It's odd that pf would drop _incoming_ packets due to congestion (it will check the receiving interface's queue length, which basically makes no sense to me), but I don't have a better guess right now. While you're running the test, is there other traffic that might saturate either interface in either direction? For instance, are there any packets sent _out_ on the internal interface (the one towards the test client, not the one doing NAT)? Is the link on the internal interface faster than the one on the external interface (like 10mbps vs. 100mpbs)? Have you tried a couple of manual tcp bulk transfers (like transfering a large file using ssh, in both directions, on either interface), to ensure networking has approximately the expected throughput? Daniel
