On Apr 25, 2014, at 11:53 AM, ML mail <mlnos...@yahoo.com> wrote: > Hi, > > I am using a net6501-30 (600 MHz CPU) with OpenBSD for my internet connection > (cable modem -> soekris <- internal network) and wanted to know what is the > theoretical max throughput in terms of bandwidth? > > I have a 250 Mbit/s internet cable connection and currently with some speed > tests I can't manage more than 100 Mbit/s. If I remove the Soekris from my > setup (directly connected to the cable modem) I can manage around 220 Mbit/s. >
That doesn't seem right to me. Some things to check: Use ifconfig to make sure that the interfaces are negotiating the correct speed. It's unlikely that they are not but if they aren't try specifying the interface speeds in your /etc/hostname.em[0-3] files. Check the obvious cases: Make sure you are looking at a wired connection. The maximum speed you will get over wifi will be lower than the speed you get over wired. Make sure you are running a recent version of OpenBSD, The pf firewall code underwent a substantial cleanup that improved performance late in the OpenBSD 4.x stages, Somewhere between 4.7 and 4.9 IIRC. It's likely that those three aren't the culprit but you have to address the elephant in the room. From what you say about being directly connected to the Cable Modem versus the Soekris I gather that you are _not_ testing your upstream provider's internet bandwidth. Other things I would look at are: How are your pf rules setup? Pf gets most of it's performance by applying state rules to packages which is quick. A packet only goes to the ruleset only after it's been tested against, and fails to match, all of the existing states on the firewall. A ruleset with a lot of "no state" specifiers will be expensive to process. Are you seeing a bufferbloat condition? If you cablemodem provides excess buffering, one connection can quite easily tie up all of your bandwidth by flooding that buffer with packets that cannot be dropped to activate TCP's automatic throttling condition. Note well that you will only have bufferbloat if you have two or more streams to the internet through your OpenBSD box. If you are the sole user then you don't have bufferbloat. If you are suffering from bufferbloat consider adding queueing to your ruleset and prioritizing the delivery of outbound TCP ACK packets. There are two issues here: Firstly Alt-q style QOS is not the best solution to the problem of bufferbloat but with OpenBSD that's the only tool you have right now. Second there is quite a bit of Voodoo^H^H^H^H^H^Hahem non-deterministic configuration here because the ALT-Q code has some real performance issues. In my setup I have 120/35 Mbit/s connectivity. I've restricted my inbound queues to 131Mbit/s and my outbound to 38Mbit/s to compensate for the overhead of the Alt-q code. Those levels were set by doing a few rounds of binary testing. E.g: "I think the correct setting to realize 35 Mbit/s is between In the range between 35 ~ 40. What happens when I try 37.5? You would be right to turn your nose up at this procedure. I felt that it was a better choice than having to use IPTables. -- Chris
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ Soekris-tech mailing list Soekris-tech@lists.soekris.com http://lists.soekris.com/mailman/listinfo/soekris-tech