Because several people have asked, my Internet connection is a
business class cable connection with guaranteed 512Kbps up and 7Mbps
down.  I do get those speeds and can sustain them essentially
indefinitely.

On Jan 12, 2008 9:01 PM, Max Hayden Chiz <[EMAIL PROTECTED]> wrote:
> I noticed that running BitTorrent was making my network go very slow
> and have been trying to fix it.  After spending most of the day
> playing around with it I have concluded that the problem is caused by
> having too many simultaneous BitTorrent connections.  As you increase
> the number of connections, the latency on the external interface
> increases dramatically (e.g. ping times hit 900+ms or time out
> entirely.)  This is true regardless of bandwidth usage, because I can
> rate limit the client and still cause the problem.  Running `pfctl -vvsq`
> shows that altq doesn't have a backlog.  Looking at the archives, it
> seems that others on the list have experienced this problem in the
> past, but there hasn't been a final resolution.
>
> I am at a total loss as to why this would be causing the massive
> increase in latency.  Can someone more experienced explain why this is
> (and possibly tell me what I'm doing wrong)?  For your reference I'm
> running OpenBSD 4.2-current (Dec 18 snapshot) on a Sun Blade 100.  The
> computer is as it comes from the factory except that I have added a
> gigabit network card (re) and a wifi card (ral).
>
> Here is my pf.conf:
>
> ext_if="gem0"
> int_if="re0"
> wifi="ral0"
> vpn="enc0"
>
> bthost="172.16.1.10"
> btport="21885"
>
> set skip on lo
>
> scrub in
> scrub on $vpn max-mss 1400 no-df random-id
>
> altq on $ext_if priq bandwidth 512Kb queue{ack, main, others, bt}
> queue ack priority 7
> queue main priority 6
> queue others priority 5
> queue bt priority 1 priq(default)
>
>
> nat on $ext_if from !($ext_if) -> ($ext_if:0)
> rdr on $ext_if proto tcp to port $btport tag BT -> $bthost
>
> block all
>
> pass on $int_if no state
>
> pass in on $ext_if proto tcp to port $btport queue bt
>
> pass out on $ext_if queue (others, ack)
> pass out on $ext_if from $bthost queue bt
> pass out on $ext_if proto tcp to port {ssh, http, https} queue (main,ack)
>
> pass in proto tcp to port ssh
>
> ##Rules for WiFi Gateway
>
> #Allow configuring IPSec
> pass in on $wifi proto udp to port isakmp
> pass in on $wifi proto udp to port domain
> pass in on $wifi proto esp
>
> #allow authenticated users to do everything
> pass on $vpn no state
>
> I can send a dmesg or anything else if I need to.  Thanks in advance
> for your help.
>
> --MHC
>
> P.S. The obvious way to have pf deal with this is to use
> max-src-states.  I have tested this approach and confirmed that it
> will avoid the problem, but I don't understand why this works, nor do
> I know if this is the "correct" way to deal with this.
