On Sat, Mar 12, 2011 at 06:29:42PM -0800, Chris Cappuccio wrote: > > Are you suggesting that because you have a quad-port gig nic, your box > > should be able to do 6 *million* packets per second? By that logic my > > 5-port Soekris net4801 should be able to handle 740kpps. (for reference, > > the net4801 does about 3kpps with 4.9) > > are you sure? that seems low, the 4501 used to do 4kpps with openbsd 3.3 !
Quite sure, though I certainly welcome someone else doing independent testing to prove me wrong. (FWIW: I tested 3.3 last month and got a maximum of 2400pps before packet loss exceeded 1%) The numbers above are for IP forwarding (not bridging), no PF, TCP syn packets with random ports, ISN, and source address, but fixed destination address. Measurements are on either side of the device using SNMP on the switch, and they match very closely what I'm seeing from the endpoints on either side of the firewall. The results are also stable across the more than 30,000 individual tests I've run to date against a variety of hardware and versions (automated, of course!) Note that If you measure on the box itself (i.e. the IPKTS/OPKTS) you will get lies when the system is livelocking. If you push harder you can get more packets through the soekris but it's meaningless as most of the packets are being dropped and the box is completely livelocked.
