Thanks for the replies so far. Looks like I’ll have to wait until Saturday to test further. Starting with an L2 bridge seems like a good baseline to try. Although will probably take the easier step of just NAT w/o rules first. Switching to pfsense or a 6501 were already further down my option list, so agree with those.
Had not considered just a change to pf, but will mull over. Although if I’m going to learn a new syntax, might as well get the pretty interface to go with it (pfsense) assuming I can get the performance. With the current set up, I ran top during the download. Never got lower than 25% idle time on the CPU. ~30% system and and 40+% interrupt. 384M (of 512M) Free on memory, so no issue there. So doesn’t seem to be pegging the CPU with my full rule set. -Jed On Jun 8, 2016, at 8:18 PM, Jed Clear <[email protected]> wrote: > I just climbed out of the bronze age of home networking (DSL) and now have > "75Mbps service” from $BIG_CABLE_CO (iron age?). Before the DSL was the > bottle neck. Now it appears the 5501 is the bottle neck. My net5501-70 has > long been running nanobsd (FreeBSD 9.3-R) and ipfw as my perimeter > router-firewall-nat. While I’m not expecting 75, especially in the evening, > it’s not even close. Note all the speeds mentioned are download speeds in > Mbps. The upload is much worse, but not bothered by that in this exercise. > > When the cable modem was first brought up, a laptop directly on it pulled 56 > with one of the speed test sites. The cable modem channel power and SNR > don’t look bad. Putting the 5501 in-line dropped the speed to the 30s. Some > googling later and I discover FreeBSD’s polling feature. So I added options > DEVICE_POLLING to the kernel config (HZ was already 1000), baked a new image, > set all the interfaces to polling and … it dropped like a rock to 5 Mbps. > Flipping off polling on the three interfaces brought it back to the 30s. > > I tried the built in “simple” firewall rule set, and that did modestly better > than my, perhaps overly complicated, rule set. It got around 44. I will > work that later. > > Anyway I’m a bit baffled by the negative results when enabling polling. And > any other advice on improving the performance through the 5501 would be > appreciated. I haven’t given up on self help, but need a break from google > for a bit so will appeal to the collective wisdom of soekris-tech. > > Thanks, > > -Jed > > PS: To add insult to injury, I just repeated the directly connected laptop > experiment and clocked over 90. :-( > > _______________________________________________ > Soekris-tech mailing list > [email protected] > http://lists.soekris.com/mailman/listinfo/soekris-tech > _______________________________________________ Soekris-tech mailing list [email protected] http://lists.soekris.com/mailman/listinfo/soekris-tech
