Date: Fri, 16 Jun 2006 13:59:01 -0500 From: "J.D. Bronson" <jbronson@wixb.com> To: freebsd-questions@freebsd.org Subject: pf + ftp throughput Message-ID: <7.0.1.0.2.20060616135513.00e743b0@sixcompanies.com>
next in thread | raw e-mail | index | archive | help
given the following rules: # Permit internal network to send packets through the firewall pass in quick on $INT_IF from $INT_IF:network to any flags S/SA keep state # Permit traffic from firewall to initiate connection to internal network: pass out quick on $INT_IF from any to $INT_IF:network flags S/SA keep state ..I have noticed that if I use 'keep state' ftp rates are fine (machine to machine...not via ftp-proxy) but if I change this to 'modulate state' my ftp rates fall... For example...moving a 50MB file: 'keep state' = 11-12MB/sec over 100MB-FDX 'modulate state = 6-7MB/sec over 100MB-FDX ..it took me a while to determine the culprit here - but I am curious as to why this is the case?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?7.0.1.0.2.20060616135513.00e743b0>