On Jan 14, 2008, at 5:10 PM, Brian wrote:
--- Max Hayden Chiz <[EMAIL PROTECTED]> wrote:
Perhaps this problem is specific to my configuration (or specific to
DOCSIS cable modems). But if it makes Brian (or someone else's
problem) go away, then it is likely that this problem is not unique.
It's not unique, I saw the same issue recently. I basically exceeded
the number of states my CPU/RAM combo could handle easily (roughly
2400, "normal" average is 200 state rules) while pushing major amounts
of data.
If I reduced the number of connections through bittorrent, performance
improved. During the download, at 350 peers, regardless of the
download rate, I had 2400 some odd state rules. I suddenly saw round
trip ICMP echo taking 900+ ms to the first hop. At 325, times were
merely 90ms to the first hop, and normal is around 10ms.
The hardware is a slightly loaded Soekris net4501 with 64mb of RAM
running OpenBSD 4.1 (GENERIC). It does not have a crypto accelerator,
and handles ssh and openvpn on the main CPU (both are fairly low in
usage at this time).
My guess, so far, is an issue with my ruleset, the hardware, and the
use of synproxy for some of the TCP states (almost all of the BT
clients I had were over TCP). OpenBSD itself seems to be fine, up
until I get close to the limits of the hardware.
Let me read through the documentation to figure out how to set this
up. I am
running a cable modem as well.
Here are my bittorrent settings:
--minport 13000 --maxport 14000 --max_initiate 15 --max_allow_in 15
--max_upload_rate 25 --max_uploads 5
Give me some time to figure out the altq and pf. I have only used
pf for a
week, so I'm still learning it.
Ask around if you have questions. There are excellent articles and
examples available.
