From owner-freebsd-pf@FreeBSD.ORG Fri Jan 25 12:03:26 2008 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 4005816A418 for ; Fri, 25 Jan 2008 12:03:26 +0000 (UTC) (envelope-from stefan.lambrev@moneybookers.com) Received: from blah.sun-fish.com (blah.sun-fish.com [217.18.249.150]) by mx1.freebsd.org (Postfix) with ESMTP id 0578F13C45D for ; Fri, 25 Jan 2008 12:03:25 +0000 (UTC) (envelope-from stefan.lambrev@moneybookers.com) Received: by blah.sun-fish.com (Postfix, from userid 1002) id A0BCC1B10EE0; Fri, 25 Jan 2008 13:03:24 +0100 (CET) X-Spam-Checker-Version: SpamAssassin 3.2.3 (2007-08-08) on blah.cmotd.com X-Spam-Level: X-Spam-Status: No, score=-10.6 required=5.0 tests=ALL_TRUSTED,BAYES_00 autolearn=ham version=3.2.3 Received: from hater.haters.org (unknown [192.168.25.10]) by blah.sun-fish.com (Postfix) with ESMTP id 315C71B10EF6 for ; Fri, 25 Jan 2008 13:03:21 +0100 (CET) Message-ID: <4799D008.8020201@moneybookers.com> Date: Fri, 25 Jan 2008 14:03:20 +0200 From: Stefan Lambrev User-Agent: Thunderbird 2.0.0.9 (X11/20071120) MIME-Version: 1.0 To: freebsd-pf@freebsd.org References: <4798B13D.4080701@moneybookers.com> In-Reply-To: <4798B13D.4080701@moneybookers.com> Content-Type: text/plain; charset=windows-1251; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Scanned: ClamAV 0.91.2/5550/Fri Jan 25 08:02:45 2008 on blah.cmotd.com X-Virus-Status: Clean Subject: Re: PF makes em0 taskq to eat 100% CPU X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 25 Jan 2008 12:03:26 -0000 Greets, Thanks to Kris Kennaway I was able to get pmc profiling working, Here is the "top" while flooding target behind the firewall: % cumulative self self total time seconds seconds calls ms/call ms/call name 24.4 231689.00 231689.00 0 100.00% _mtx_lock_sleep [1] 6.5 293004.00 61315.00 0 100.00% pf_state_compare_ext_gwy [2] 6.4 353672.00 60668.00 0 100.00% pf_src_compare [3] 3.8 389565.00 35893.00 0 100.00% pf_state_compare_lan_ext [4] 3.5 422911.00 33346.00 0 100.00% pf_test [5] 3.2 453703.00 30792.00 0 100.00% bcopy [6] 2.9 481264.00 27561.00 0 100.00% pf_test_tcp [7] 2.1 501546.00 20282.00 0 100.00% pfsync_pack_state [8] 2.0 520685.00 19139.00 0 100.00% pf_state_compare_id [9] 2.0 539293.00 18608.00 0 100.00% bridge_pfil [10] 1.6 554228.00 14935.00 0 100.00% uma_zfree_arg [11] 1.5 568593.00 14365.00 0 100.00% uma_zalloc_arg [12] 1.4 581556.00 12963.00 0 100.00% bzero [13] 1.2 592594.00 11038.00 0 100.00% bus_dmamap_load_mbuf_sg [14] 1.1 603052.00 10458.00 0 100.00% bridge_rtnode_lookup [15] 1.1 613173.50 10121.50 0 100.00% _rw_rlock [16] 1.0 622984.50 9811.00 0 100.00% rn_match [17] 1.0 632477.00 9492.50 0 100.00% pf_state_tree_id_RB_REMOVE [18] 0.9 641356.00 8879.00 0 100.00% bridge_forward [19] 0.9 649984.00 8628.00 0 100.00% em_encap [20] 0.9 658479.00 8495.00 0 100.00% _rw_runlock [21] So the kernel spend 24.4% waiting for _mtx_lock_sleep .. I think something is really wrong here. I'll make profiling with polling enabled on network interfaces. -- Best Wishes, Stefan Lambrev ICQ# 24134177