From owner-freebsd-questions@FreeBSD.ORG Sun Mar 20 20:40:05 2005 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3734916A4CE for ; Sun, 20 Mar 2005 20:40:05 +0000 (GMT) Received: from rproxy.gmail.com (rproxy.gmail.com [64.233.170.196]) by mx1.FreeBSD.org (Postfix) with ESMTP id A883C43D53 for ; Sun, 20 Mar 2005 20:40:04 +0000 (GMT) (envelope-from tomasq@gmail.com) Received: by rproxy.gmail.com with SMTP id f1so823659rne for ; Sun, 20 Mar 2005 12:40:04 -0800 (PST) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:references; b=kurEf8CRF0AUmbCDb80wieoHJzaubCikRkMU10t8HYe/HrOfd3i/QXImyZcJCoGjZYXEuzfkEOU+Cd5fB26N/YH4DwXjP8aTgLGNHyriBAhH180Hf7tot3Zu/2mHX5Yysn+wVybLw6Dhk1yHu03fLbIxm5q4OjoI2dbp4g5Q2TM= Received: by 10.38.10.48 with SMTP id 48mr4062649rnj; Sun, 20 Mar 2005 12:40:04 -0800 (PST) Received: by 10.38.71.19 with HTTP; Sun, 20 Mar 2005 12:40:04 -0800 (PST) Message-ID: <9e46c99e05032012402eb9f843@mail.gmail.com> Date: Sun, 20 Mar 2005 15:40:04 -0500 From: Tomas Quintero To: freebsd-questions@freebsd.org In-Reply-To: <9e46c99e050320123932117564@mail.gmail.com> Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit References: <9e46c99e0503201136527a92a2@mail.gmail.com> <006101c52d86$e8265120$4300a8c0@home.lan> <9e46c99e050320123932117564@mail.gmail.com> Subject: Re: Slow Performance with OpenBSD's PF on 5.3-RELEASE X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Tomas Quintero List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 20 Mar 2005 20:40:05 -0000 I wasn't quite sure where to start, so I just gave conf lines. The machine is not yet running DNS, DHCPd, etc. however once I have this ironed out I do intend to setup caching DNS and DHCPd. The problem seems to be with Internal LAN clients getting extremely slow speeds. Web pages load extremely slow, if at all. Externally, when I am fetching etc. to determine what speeds the actual machine is getting, it starts off slow then accelerates to 250-300KB/s, which it should be getting. On Sun, 20 Mar 2005 11:56:16 -0800, Thomas Foster wrote: > I think more information might be required than just your conf files. What > slow performance are you seeing? Are internal LAN clients having issues > with using this computer as a firewall/router? Are you running an internal > DNS? DHCPd? > > Just a start.. > > T > ----- Original Message ----- > From: "Tomas Quintero" > To: > Sent: Sunday, March 20, 2005 11:36 AM > Subject: Slow Performance with OpenBSD's PF on 5.3-RELEASE > > >I recently setup a box with 5.3 release and enabled PF in order to do > > NAT and eventually firewalling and bandwidth control when I become > > more acustom to the workings of PF. Regardless of which however, I'm > > having tremendous speed issues with the box currently. > > > > Here is my pf.conf: > > ext_if="rl1" > > int_if="xl0" > > int_net="192.168.1.0/24" > > nat on $ext_if from $int_net to any -> $ext_if > > > > pass in all keep state > > pass out all keep state > > > > Here is my rc.conf: > > defaultrouter="63.135.xxx.xxx" > > gateway_enable="YES" > > hostname="ORCA.****" > > ifconfig_rl1="inet 63.135.xxx.xxx netmask 255.255.255.240" > > ifconfig_xl0="inet 192.168.1.1 netmask 255.255.255.0" > > linux_enable="YES" > > sshd_enable="YES" > > usbd_enable="YES" > > pf_enable="yes" > > pf_rules="/etc/pfrules.conf" > > pf_flags="" > > pflog_enable="YES" > > pflog_logfile="/var/log/pflog" > > pflog_flags="" > > > > > > -- > > -Tomas Quintero > > _______________________________________________ > > freebsd-questions@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > > To unsubscribe, send any mail to > > "freebsd-questions-unsubscribe@freebsd.org" > > > > -- -Tomas Quintero -- -Tomas Quintero