From owner-freebsd-pf@FreeBSD.ORG Fri Oct 4 14:48:47 2013 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 0821CA76 for ; Fri, 4 Oct 2013 14:48:47 +0000 (UTC) (envelope-from sven.falempin@gmail.com) Received: from mail-ie0-x232.google.com (mail-ie0-x232.google.com [IPv6:2607:f8b0:4001:c03::232]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id CDBB921FE for ; Fri, 4 Oct 2013 14:48:46 +0000 (UTC) Received: by mail-ie0-f178.google.com with SMTP id to1so9265151ieb.37 for ; Fri, 04 Oct 2013 07:48:46 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type; bh=REiMS7XCPuGO7TgikBrHL333ek+QRcFHdgk92sds+eE=; b=mdL5c+3mCZ3pOQul8oZBg31zrR5eAd/LV5pfUIDS/Hr/V5hV+JV5rOY2aHV+WZ/ytj ljds/v6z2/mD+XbHK5jQhEM9H7wDbgSBG/Az7FehG5IPkghxF5KJLq1C0dcj/bRsKp11 tvUSq8jmWTq6cp9APHPcuBeiVIGLdGJkkA51REtpoSxuXAjGvfCMKlK9MqaqmjNBiR3r MT78hnt3yRa/kYl0Cp/qpQNanS5LnIf85ROOUl0N4p+DRDrNGdwZD028CCnOsEenjH+3 58CUE+4UfGqArwtYgsZyuC/L+yAQEJZoXbDwi4L6zF+pVD89Z4u7i3PUhyOlomVbdFc/ 75LQ== X-Received: by 10.50.67.107 with SMTP id m11mr6834246igt.11.1380898126157; Fri, 04 Oct 2013 07:48:46 -0700 (PDT) MIME-Version: 1.0 Received: by 10.50.231.161 with HTTP; Fri, 4 Oct 2013 07:48:16 -0700 (PDT) In-Reply-To: <524EBFDD.7090604@insa-lyon.fr> References: <524EBFDD.7090604@insa-lyon.fr> From: sven falempin Date: Fri, 4 Oct 2013 10:48:16 -0400 Message-ID: Subject: Re: pf deadly slow To: "Stephane D'Alu" Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.14 Cc: freebsd-pf@freebsd.org X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Oct 2013 14:48:47 -0000 configure ALTQ (maybe the absence of configurating is not nicely working), i think freebsd has virtio support , i am interested in the result :-) OpenBSD is currently completly rewriting the queing system and improving performance. On Fri, Oct 4, 2013 at 9:17 AM, Stephane D'Alu wrote: > I'm running FreeBSD 9.2 inside VirtualBox with virtio for the nework > card. pf is compiled with ALTQ support. > > My pf.conf file is as follow, which do nearly nothing: > set skip on lo0 > set skip on vnet0 > > If pf is enabled, bandwith drop by a 1000 factor! > From 10Mb/s to 4Kb/s > > Any idea, what's going on? > > > PS: > - I have the same kind of configuration FreeBSD 9.2, pf + ALTQ > and real firewall rules on a non virtualized server and everything is fine. > - I will try to remove ALTQ and use em driver instead, to see if there > is a performance improvement > > Sincerly > -- > Stephane D'Alu -- Ingenieur Recherche > Laboratoire CITI / INSA-Lyon > Tel: +33 47243 6483 > _______________________________________________ > freebsd-pf@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-pf > To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org" > -- --------------------------------------------------------------------------------------------------------------------- () ascii ribbon campaign - against html e-mail /\