On Apr 25, 2014, at 11:53 AM, ML mail <mlnos...@yahoo.com> wrote: > Hi, > > I am using a net6501-30 (600 MHz CPU) with OpenBSD for my internet connection > (cable modem -> soekris <- internal network) and wanted to know what is the > theoretical max throughput in terms of bandwidth? > > I have a 250 Mbit/s internet cable connection and currently with some speed > tests I can't manage more than 100 Mbit/s. If I remove the Soekris from my > setup (directly connected to the cable modem) I can manage around 220 Mbit/s. >
That doesn't seem right to me. Some things to check:
Use ifconfig to make sure that the interfaces are negotiating the correct
speed. It's unlikely that they are not but if they aren't try specifying the
interface speeds in your /etc/hostname.em[0-3] files.
Check the obvious cases: Make sure you are looking at a wired connection.
The maximum speed you will get over wifi will be lower than the speed you get
over wired.
Make sure you are running a recent version of OpenBSD, The pf firewall
code underwent a substantial cleanup that improved performance late in the
OpenBSD 4.x stages, Somewhere between 4.7 and 4.9 IIRC.
It's likely that those three aren't the culprit but you have to address the
elephant in the room. From what you say about being directly connected to the
Cable Modem versus the Soekris I gather that you are _not_ testing your
upstream provider's internet bandwidth. Other things I would look at are:
How are your pf rules setup?
Pf gets most of it's performance by applying state rules to packages which
is quick. A packet only goes to the ruleset only after it's been tested
against, and fails to match, all of the existing states on the firewall. A
ruleset with a lot of "no state" specifiers will be expensive to process.
Are you seeing a bufferbloat condition?
If you cablemodem provides excess buffering, one connection can quite
easily tie up all of your bandwidth by flooding that buffer with packets that
cannot be dropped to activate TCP's automatic throttling condition. Note well
that you will only have bufferbloat if you have two or more streams to the
internet through your OpenBSD box. If you are the sole user then you don't have
bufferbloat. If you are suffering from bufferbloat consider adding queueing to
your ruleset and prioritizing the delivery of outbound TCP ACK packets. There
are two issues here: Firstly Alt-q style QOS is not the best solution to the
problem of bufferbloat but with OpenBSD that's the only tool you have right
now. Second there is quite a bit of Voodoo^H^H^H^H^H^Hahem non-deterministic
configuration here because the ALT-Q code has some real performance issues. In
my setup I have 120/35 Mbit/s connectivity. I've restricted my inbound queues
to 131Mbit/s and my outbound to 38Mbit/s to compensate for the overhead of the
Alt-q code. Those levels were set by doing a few rounds of binary testing. E.g:
"I think the correct setting to realize 35 Mbit/s is between In the range
between 35 ~ 40. What happens when I try 37.5? You would be right to turn your
nose up at this procedure. I felt that it was a better choice than having to
use IPTables.
-- Chris
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ Soekris-tech mailing list Soekris-tech@lists.soekris.com http://lists.soekris.com/mailman/listinfo/soekris-tech
