Have you raised states? 10K is the default I believe, the most likely culprit.
On 8/16/2017 12:55 PM, Juan Guillermo Narvaez wrote: > Hello everyone! > > I'm relative new using OpenBSD, I have just 4 years using this OS for dhcp > servers. > Today I have the mission of implement this OS in a cablemodem headend, in > my first try I get negative results with this rules: > > *pass all flags S/SA* > > *#LAN* > *match out log on bge0 inet from 192.168.254.0/24 <http://192.168.254.0/24> > to any nat-to 200.91.35.55* > *pass on bge0 inet from 192.168.254.0/24 <http://192.168.254.0/24> to any > flags S/SA* > *#CPE Network* > *match out on bge0 inet from 172.21.0.0/19 <http://172.21.0.0/19> to any > nat-to 200.91.35.55* > *pass on bge0 inet from 172.21.0.0/19 <http://172.21.0.0/19> to any flags > S/SA* > > This is a basic PF that I use for this try, the CPE network has 900 active > customers. > When I put the whole customer network traffic through my OpenBSD router the > traffic tend to fall slowly and the LAN network is really slow too. I read > about a lot of 'tweaks' the high performance configurations but I think > that OpenBSD can handle 400mbps without tweaking. > > I'm wrong? > What am I doing bad? > > Thank you! > > > > -- James Shupe, HermeTek developer/ engineer BSD/ Linux support & hosting jsh...@hermetek.com | www.hermetek.com Office 5127922525 | Mobile 5122846350
