From owner-freebsd-pf@FreeBSD.ORG Fri Oct 4 15:28:32 2013 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 6A4DF5D2 for ; Fri, 4 Oct 2013 15:28:32 +0000 (UTC) (envelope-from Stephane.DAlu@insa-lyon.fr) Received: from smtp.insa-lyon.fr (criges14.insa-lyon.fr [134.214.76.242]) by mx1.freebsd.org (Postfix) with ESMTP id 29F29241B for ; Fri, 4 Oct 2013 15:28:31 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp.insa-lyon.fr (Postfix) with ESMTP id A1FBBF125B; Fri, 4 Oct 2013 17:28:32 +0200 (CEST) X-Virus-Scanned: SMTP at INSA-LYON Received: from smtp.insa-lyon.fr ([127.0.0.1]) by localhost (criges14.insa-lyon.fr [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id b7pV8nKLBvDM; Fri, 4 Oct 2013 17:28:32 +0200 (CEST) Received: from hyperion.home.sdalu.com (hyperion.citi.insa-lyon.fr [134.214.146.249]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) (Authenticated sender: sdalu) by smtp.insa-lyon.fr (Postfix) with ESMTPSA id 24FF1F1259; Fri, 4 Oct 2013 17:28:32 +0200 (CEST) Message-ID: <524EDE9E.2010109@insa-lyon.fr> Date: Fri, 04 Oct 2013 17:28:30 +0200 From: Stephane D'Alu Organization: CITI / INSA-Lyon User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:24.0) Gecko/20100101 Thunderbird/24.0 MIME-Version: 1.0 To: sven falempin Subject: Re: pf deadly slow References: <524EBFDD.7090604@insa-lyon.fr> In-Reply-To: Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Cc: freebsd-pf@freebsd.org X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Oct 2013 15:28:32 -0000 On 10/04/13 16:48, sven falempin wrote: > configure ALTQ (maybe the absence of configurating is not nicely working), > i think freebsd has virtio support , Yes, since 9.2 virtio drivers are included in base distribution > > i am interested in the result :-) I switched from virtio to 82545EM (with em driver), and performance are back to normal. Look like a bug / bad interraction between virtio and pf. (I don't know if VirtualBox as also a part in it) > > > OpenBSD is currently completly rewriting the queing system > and improving performance. > > > > > On Fri, Oct 4, 2013 at 9:17 AM, Stephane D'Alu > > wrote: > > I'm running FreeBSD 9.2 inside VirtualBox with virtio for the nework > card. pf is compiled with ALTQ support. > > My pf.conf file is as follow, which do nearly nothing: > set skip on lo0 > set skip on vnet0 > > If pf is enabled, bandwith drop by a 1000 factor! > From 10Mb/s to 4Kb/s > > Any idea, what's going on? > > > PS: > - I have the same kind of configuration FreeBSD 9.2, pf + ALTQ > and real firewall rules on a non virtualized server and everything > is fine. > - I will try to remove ALTQ and use em driver instead, to see if there > is a performance improvement > > Sincerly > -- > Stephane D'Alu -- Ingenieur Recherche > Laboratoire CITI / INSA-Lyon > Tel: +33 47243 6483 > _______________________________________________ > freebsd-pf@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-pf > To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org > " > > > > > -- > --------------------------------------------------------------------------------------------------------------------- > () ascii ribbon campaign - against html e-mail > /\ -- Stephane D'Alu -- Ingenieur Recherche Laboratoire CITI / INSA-Lyon Tel: +33 47243 6483