From owner-freebsd-questions@FreeBSD.ORG  Wed Feb 21 18:48:44 2007
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id BB5B2170300
	for <freebsd-questions@freebsd.org>;
	Wed, 21 Feb 2007 18:48:44 +0000 (UTC)
	(envelope-from wmoran@collaborativefusion.com)
Received: from mx00.pub.collaborativefusion.com
	(mx00.pub.collaborativefusion.com [206.210.89.199])
	by mx1.freebsd.org (Postfix) with ESMTP id 69A9A13C4B6
	for <freebsd-questions@freebsd.org>;
	Wed, 21 Feb 2007 18:48:44 +0000 (UTC)
	(envelope-from wmoran@collaborativefusion.com)
Received: from vanquish.pgh.priv.collaborativefusion.com
	(vanquish.pgh.priv.collaborativefusion.com [192.168.2.61])
	(SSL: TLSv1/SSLv3,256bits,AES256-SHA)
	by wingspan with esmtp; Wed, 21 Feb 2007 13:48:43 -0500
	id 000567EE.45DC940B.00011942
Date: Wed, 21 Feb 2007 13:48:43 -0500
From: Bill Moran <wmoran@collaborativefusion.com>
To: "=?ISO-8859-1?Q?\"Jos=E9?= Pablo =?ISO-8859-1?Q?Fern=E1ndez\"?="
	<pablo.fernandez@rs.com.ar>
Message-Id: <20070221134843.d96603b4.wmoran@collaborativefusion.com>
In-Reply-To: <200702211527.06081.pablo.fernandez@rs.com.ar>
References: <200702202021.55723.pablo.fernandez@rs.com.ar>
	<200702211441.29405.pablo.fernandez@rs.com.ar>
	<20070221125015.ad78d4dd.wmoran@collaborativefusion.com>
	<200702211527.06081.pablo.fernandez@rs.com.ar>
Organization: Collaborative Fusion
X-Mailer: Sylpheed 2.3.0 (GTK+ 2.10.9; i386-portbld-freebsd6.1)
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Cc: freebsd-questions@freebsd.org
Subject: Re: PF slowing down file copies
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 21 Feb 2007 18:48:44 -0000

In response to "Jos=E9 Pablo Fern=E1ndez" <pablo.fernandez@rs.com.ar>:

> On Wednesday 21 February 2007 14:50, Bill Moran wrote:
> > > When I disable PF I can't reach outside because that is what is in ch=
arge
> > > of NATing, but I can reach the other network, and the copy just works.
> >
> > Have you tried stripping your pf rules down to JUST nat to see if the
> > problem changes?
>=20
> If I put
>=20
> pass in quick
> pass out quick
>=20
> just below the nat and rdr rules in pf.conf, then the copy happens ok, at=
=20
> normal (fast) speed.

Well, it's definitely pf that's doing it, then.

Some basic diagnostics would be to add parts back into the pf one or two
rules at a time to see exactly what rules are causing the issue.

You could also post your entire ruleset to the list.  It's possible that
some pf guru will see an obvious mistake in the way they're laid out.

--=20
Bill Moran
Collaborative Fusion Inc.