From owner-freebsd-performance@FreeBSD.ORG Thu May 26 18:52:53 2005 Return-Path: X-Original-To: freebsd-performance@freebsd.org Delivered-To: freebsd-performance@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 302AC16A41C for ; Thu, 26 May 2005 18:52:53 +0000 (GMT) (envelope-from pfak@telus.net) Received: from priv-edtnes51.telusplanet.net (outbound04.telus.net [199.185.220.223]) by mx1.FreeBSD.org (Postfix) with ESMTP id BEAE743D49 for ; Thu, 26 May 2005 18:52:52 +0000 (GMT) (envelope-from pfak@telus.net) Received: from localhost ([199.185.220.240]) by priv-edtnes51.telusplanet.net (InterMail vM.6.01.04.04 201-2131-118-104-20050224) with ESMTP id <20050526185251.XTEK4603.priv-edtnes51.telusplanet.net@localhost>; Thu, 26 May 2005 12:52:51 -0600 Received: from 64.180.103.26 ( [64.180.103.26]) as user a1b26634@192.168.200.1 by webmail.telus.net with HTTP; Thu, 26 May 2005 11:52:51 -0700 Message-ID: <1117133571.42961b03ca6fd@webmail.telus.net> Date: Thu, 26 May 2005 11:52:51 -0700 From: Peter Kieser To: Charles Swiger References: <1117129668.42960bc4b751b@webmail.telus.net> <9827650D-A61E-461A-85FC-A45413B42FEA@mac.com> In-Reply-To: <9827650D-A61E-461A-85FC-A45413B42FEA@mac.com> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit User-Agent: Internet Messaging Program (IMP) 3.1-cvs X-Originating-IP: 64.180.103.26 Cc: freebsd-performance@freebsd.org Subject: Re: Performance/lockup issues with FreeBSD as a router X-BeenThere: freebsd-performance@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Performance/tuning List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 26 May 2005 18:52:53 -0000 Quoting Charles Swiger : > On May 26, 2005, at 1:47 PM, Peter Kieser wrote: > > The nics are if_dc, this is a stock FreeBSD 5.4-RELEASE > > installation (no > > firewall or anything): > > > > Here's my /etc/sysctl.conf: > > > > net.inet.ip.rtexpire=1800 > > net.inet.ip.rtminexpire=1800 > > kern.maxfiles=32768 > > kern.maxfilesperproc=32768 > > kern.ipc.somaxconn=32767 > > net.inet.tcp.sendspace=256000 > > net.inet.tcp.recvspace=256000 > > kern.ipc.maxsockbuf=2097152 > > net.inet.ip.fastforwarding=1 > > net.inet.tcp.rfc1323=1 > > net.link.ether.inet.max_age=600 > > net.inet.tcp.msl=7500 > > net.inet.ip.fw.dyn_udp_lifetime=10 > > net.inet.ip.fw.dyn_buckets=1024 > > > > And here's my /boot/loader.conf: > > > > kern.ipc.maxsockets="163840" > > kern.maxusers="2048" > > > > Is there anythign I'm overlooking that would be causing the machine > > to lockup > > like this? > > Your settings are tuned so high that you may be running out of KVA > memory. I bet the system would be happier if you let maxusers > autotune itself (and then maybe adjust it by a factor of 2 from > there), and if you reduced kern.maxfilesperproc to 2048 or less, and > reduced the TCP sendspace to 65K. > > [ As a last resort, you might even try nixing the fastforwarding > option. It's well-suited for your task, and you do want it on if it > is working right, but maybe try running without it for a test. ] > > -- > -Chuck > > I've tried without fast forwarding, I've tried without the TCP sendspace as well as reducing it to 65K, I let maxusers auto tune itself and I've even tried uping the KVA space. I'm at a loss, what would be the ideal sysctl's/loader.conf for a router thats doing a fair amount of traffic?