Date: Thu, 19 Jan 2012 17:01:51 +0100 From: "Bartek W. aka Mastier" <mistrzipan@gmail.com> To: freebsd-pf@freebsd.org Subject: Re: Maximum throughput ? limit? Message-ID: <4F183E6F.2030709@gmail.com> In-Reply-To: <4F183944.30101@wooh.hu> References: <4F183944.30101@wooh.hu>
next in thread | previous in thread | raw e-mail | index | archive | help
W dniu 19.01.2012 16:39, Adam PAPAI pisze:
> Dear List,
>
> I feel my freebsd box is reaching his limits.
>
> I'm doing load-balance with a pf (round-robin + NAT) in front of 3 web
> and 3 database servers. Everything works fine with 100-120MBit/s, but
> if it reaches over 150MBit/s to 200MBit/s or even 300MBit/s, the
> connections are stucked, nobody can connect to the server.
>
> I checked it via "nload". And every time it goes over 150MBit/s it
> stars to drop some connections.
>
> I have 40,000 connections at the same time.
>
> Could it be because the pf? I mean it reaches some maximum throughput?
>
> When i'm running the iperf from inside the NAT, it does only
> 300-400MBit/s, but if I'm running it from the firewall itself, it does
> 600-700 (it depends on the traffic). The servers are connected to each
> other via GBit.
>
> Thanks in advance,
>
>
Indeed. The default maximum is 10 000 states as I remember.
I.e. one of the main routers in my case. core quad.
set limit { states 300000, frags 10000, src-nodes 100000 }
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4F183E6F.2030709>