Thanks James, now I'm trying with 3K customers and 1M states. I will comments my results to the list when a finish.
Guillermo. On Wed, Aug 16, 2017 at 4:01 PM, James Shupe <jsh...@hermetek.com> wrote: > Have you raised states? 10K is the default I believe, the most likely > culprit. > > On 8/16/2017 12:55 PM, Juan Guillermo Narvaez wrote: > > Hello everyone! > > > > I'm relative new using OpenBSD, I have just 4 years using this OS for > dhcp > > servers. > > Today I have the mission of implement this OS in a cablemodem headend, in > > my first try I get negative results with this rules: > > > > *pass all flags S/SA* > > > > *#LAN* > > *match out log on bge0 inet from 192.168.254.0/24 < > http://192.168.254.0/24> > > to any nat-to 200.91.35.55* > > *pass on bge0 inet from 192.168.254.0/24 <http://192.168.254.0/24> to > any > > flags S/SA* > > *#CPE Network* > > *match out on bge0 inet from 172.21.0.0/19 <http://172.21.0.0/19> to any > > nat-to 200.91.35.55* > > *pass on bge0 inet from 172.21.0.0/19 <http://172.21.0.0/19> to any > flags > > S/SA* > > > > This is a basic PF that I use for this try, the CPE network has 900 > active > > customers. > > When I put the whole customer network traffic through my OpenBSD router > the > > traffic tend to fall slowly and the LAN network is really slow too. I > read > > about a lot of 'tweaks' the high performance configurations but I think > > that OpenBSD can handle 400mbps without tweaking. > > > > I'm wrong? > > What am I doing bad? > > > > Thank you! > > > > > > > > > > -- > James Shupe, HermeTek > developer/ engineer > BSD/ Linux support & hosting > jsh...@hermetek.com | www.hermetek.com > Office 5127922525 | Mobile 5122846350 > > > -- J. Guillermo Narvaez @_aran0id