Because several people have asked, my Internet connection is a business class cable connection with guaranteed 512Kbps up and 7Mbps down. I do get those speeds and can sustain them essentially indefinitely.
On Jan 12, 2008 9:01 PM, Max Hayden Chiz <[EMAIL PROTECTED]> wrote:
> I noticed that running BitTorrent was making my network go very slow
> and have been trying to fix it. After spending most of the day
> playing around with it I have concluded that the problem is caused by
> having too many simultaneous BitTorrent connections. As you increase
> the number of connections, the latency on the external interface
> increases dramatically (e.g. ping times hit 900+ms or time out
> entirely.) This is true regardless of bandwidth usage, because I can
> rate limit the client and still cause the problem. Running `pfctl -vvsq`
> shows that altq doesn't have a backlog. Looking at the archives, it
> seems that others on the list have experienced this problem in the
> past, but there hasn't been a final resolution.
>
> I am at a total loss as to why this would be causing the massive
> increase in latency. Can someone more experienced explain why this is
> (and possibly tell me what I'm doing wrong)? For your reference I'm
> running OpenBSD 4.2-current (Dec 18 snapshot) on a Sun Blade 100. The
> computer is as it comes from the factory except that I have added a
> gigabit network card (re) and a wifi card (ral).
>
> Here is my pf.conf:
>
> ext_if="gem0"
> int_if="re0"
> wifi="ral0"
> vpn="enc0"
>
> bthost="172.16.1.10"
> btport="21885"
>
> set skip on lo
>
> scrub in
> scrub on $vpn max-mss 1400 no-df random-id
>
> altq on $ext_if priq bandwidth 512Kb queue{ack, main, others, bt}
> queue ack priority 7
> queue main priority 6
> queue others priority 5
> queue bt priority 1 priq(default)
>
>
> nat on $ext_if from !($ext_if) -> ($ext_if:0)
> rdr on $ext_if proto tcp to port $btport tag BT -> $bthost
>
> block all
>
> pass on $int_if no state
>
> pass in on $ext_if proto tcp to port $btport queue bt
>
> pass out on $ext_if queue (others, ack)
> pass out on $ext_if from $bthost queue bt
> pass out on $ext_if proto tcp to port {ssh, http, https} queue (main,ack)
>
> pass in proto tcp to port ssh
>
> ##Rules for WiFi Gateway
>
> #Allow configuring IPSec
> pass in on $wifi proto udp to port isakmp
> pass in on $wifi proto udp to port domain
> pass in on $wifi proto esp
>
> #allow authenticated users to do everything
> pass on $vpn no state
>
> I can send a dmesg or anything else if I need to. Thanks in advance
> for your help.
>
> --MHC
>
> P.S. The obvious way to have pf deal with this is to use
> max-src-states. I have tested this approach and confirmed that it
> will avoid the problem, but I don't understand why this works, nor do
> I know if this is the "correct" way to deal with this.