On Wed, Aug 29, 2012 at 12:54:18PM -0400, Michel Blais wrote: > How much can I increase net.inet.ip.ifq.maxlen ? > > I'm now at 2048 and still seeing increase in net.inet.ip.ifq.drops. > This morning, it was at 21280 and now at 21328.
A little bit of congestion increase is not the end of the world, but increasing the increasing the queue length will certainly increase your latency. > I've change the système for a temporary more powerfull one (core 2 > quad + 2 dual 82571EB) while I'm commanding and building new server > and now the congestion have dropped from 3.9 to 0.8. More cores will not help; throwing more power at the problem may not be the solution, but if it is: the top performance will be a CPU with high clock speed (disable the other cores so that 'Turbo Boost' can crank the live core up), and the largest, fastest cache possible. You could also try setting kern.pool_debug=0. > Something I must specify, I use bi-nat to save public ip address and > have thousand of bi-nat rule divided in some anchors. Thousands of rules is not a good idea if you can avoid it. This may be a little bit helped by your anchors, or the anchors may make it worse (PF's ruleset optimization mechanisms will not operate across anchors). Can you explain in more detail what you are doing with these bi-nat rules? -Ryan
