Hi,
I'm trying to replace my (dying) gateway with a qnap ts-509 (1G DDR, celeron m420 1.6Ghzs). I'm using mfsBSD, based on FreeBSD-RELEASE-8.1 amd64. It's almost ready (zfs, nfs, dns, pf, ...), I'm checking everything's OK to swap the gate. I noticed that opening a new connection to distant or local computer is (very) slow. After that, everything works perfectly fine. So I had a look at sysctl, and tried to fix that problem. Now, when I start a ping on a client from my network (disabled on the gate), I have something like that: fa...@alpha ~ : time ping -c 4 google.com PING google.com (66.249.92.104) 56(84) bytes of data. 64 bytes from par03s01-in-f104.1e100.net (66.249.92.104): icmp_seq=1 ttl=53 time=7.12 ms 64 bytes from par03s01-in-f104.1e100.net (66.249.92.104): icmp_seq=2 ttl=53 time=7.32 ms 64 bytes from par03s01-in-f104.1e100.net (66.249.92.104): icmp_seq=3 ttl=53 time=7.18 ms 64 bytes from par03s01-in-f104.1e100.net (66.249.92.104): icmp_seq=4 ttl=53 time=7.18 ms --- google.com ping statistics --- 4 packets transmitted, 4 received, 0% packet loss, time 15034ms rtt min/avg/max/mdev = 7.126/7.205/7.329/0.128 ms 0.000u 0.000s 0:25.08 0.0% 0+0k 0+0io 0pf+0w So, it takes 5 seconds to display the first line (connect), and then 5 second per ping. 25 seconds, for 4 pings... Obviously, my tries doesn't make it work any better... I found some infos here<http://people.freebsd.org/~hmp/utilities/satbl/sysctl-net.html> , here <http://www.freebsd.org/doc/handbook/configtuning-kernel-limits.html> , there <http://silverwraith.com/papers/freebsd-ddos.php> and there<http://www.freebsdblog.org/52/sysctlconf-sample/> But I'm still not sure about the tuning implications for most of those vars. Here is my sysctl.conf: kern.coredump=0 kern.ipc.somaxconn=4096 net.inet.ip.check_interface=1 net.inet.ip.fastforwarding=1 net.inet.ip.forwarding=1 net.inet.ip.portrange.first=1024 net.inet.ip.portrange.last=65535 net.inet.ip.rtexpire=2 net.inet.ip.rtmaxcache=256 net.inet.ip.rtminexpire=2 net.inet.ip.ttl=42 net.inet.udp.blackhole=1 net.inet.tcp.blackhole=2 net.inet.tcp.delacktime=42 net.inet.tcp.delayed_ack=0 net.inet.tcp.drop_synfin=1 net.inet.tcp.fast_finwait2_recycle=1 net.inet.tcp.icmp_may_rst=0 net.inet.icmp.icmplim=42 net.inet.tcp.ecn.enable=1 net.inet.tcp.msl=5000 net.inet.tcp.rfc1323=0 net.inet.tcp.inflight.enable=1 net.inet.tcp.inflight.max=1073725440 net.inet.tcp.inflight.stab=20 net.inet.tcp.inflight.min=1024 net.inet.tcp.recvspace=82320 net.inet.tcp.sendspace=82320 net.inet.udp.maxdgram=82320 net.inet.udp.recvspace=82320 net.inet.raw.maxdgram=82320 net.inet.raw.recvspace=82320 net.local.dgram.maxdgram=82320 net.local.dgram.recvspace=82320 net.local.stream.sendspace=82320 net.local.stream.recvspace=82320 net.inet.tcp.local_slowstart_flightsize=10 net.inet.tcp.nolocaltimewait=1 vfs.read_max=32 So, I was wondering, is something wrong in there? Or should I keep looking somewhere else? Where? Thanks for your help, -- Samuel Martín Moro {EPITECH.} tek5 _______________________________________________ freebsd-performance@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-performance To unsubscribe, send any mail to "freebsd-performance-unsubscr...@freebsd.org"
