Thanks Henning and everyone else who responded (privately or to the list).
Henning Brauer wrote: > * Russell Fulton <[EMAIL PROTECTED]> [2007-10-16 10:03]: > >> * Is there any tuning that we can do to improve performance of pf >> > > yes. install 4.2. seriously, it more than doubles pf performance. > This appears to be a no brainer :) I've just (pre) ordered the CDs... The timing is perfect :) > >> I have heard reports that pf actually performs better on FreeBSD because >> some of the NIC drivers are better -- any truth in that? >> > > certainly not > I had my doubts ;) but the people who were looking after these particular firewalls were using this as an excuse for performance problems which may not even be related to the firewall. On the monitoring front I have rediscovered symon which I installed when we first moved to pf years ago but which did not survive an OS upgrade some time in the past. One more question: I take it that unintentionally 'dropped packets' will show up in the interface stats rather then in any pf counters (which is where I was looking for them)? So symon will show these. Russell
