From owner-freebsd-performance@FreeBSD.ORG Wed Sep 29 21:47:02 2010 Return-Path: Delivered-To: freebsd-performance@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 4E25B106566B for ; Wed, 29 Sep 2010 21:47:02 +0000 (UTC) (envelope-from mksmith@adhost.com) Received: from mail-defer01.adhost.com (mail-defer01.adhost.com [216.211.128.176]) by mx1.freebsd.org (Postfix) with ESMTP id 2B1B78FC15 for ; Wed, 29 Sep 2010 21:47:01 +0000 (UTC) Received: from mail-in04.adhost.com (mail-in04.adhost.com [10.212.3.14]) by mail-defer01.adhost.com (Postfix) with ESMTP id 8B06A67EC7E for ; Wed, 29 Sep 2010 14:31:18 -0700 (PDT) (envelope-from mksmith@adhost.com) Received: from ad-exh01.adhost.lan (exchange.adhost.com [216.211.143.69]) by mail-in04.adhost.com (Postfix) with ESMTP id 4C6ED614FD4; Wed, 29 Sep 2010 14:31:17 -0700 (PDT) (envelope-from mksmith@adhost.com) X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Date: Wed, 29 Sep 2010 14:31:16 -0700 Message-ID: <17838240D9A5544AAA5FF95F8D52031608F04693@ad-exh01.adhost.lan> In-Reply-To: X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: freebsd router Thread-Index: ActgGskg0hfLzrhORx+OJLLGOA++/gAAQExg References: From: "Michael K. Smith - Adhost" To: =?iso-8859-1?Q?Samuel_Mart=EDn_Moro?= , Cc: Subject: RE: freebsd router X-BeenThere: freebsd-performance@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Performance/tuning List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 29 Sep 2010 21:47:02 -0000 Here are my settings for a box doing about 100 Mb/sec. I just included = the values that are different than yours. kern.ipc.somaxconn: 32768 net.inet.ip.check_interface: 0 net.inet.ip.fastforwarding: 0 net.inet.ip.portrange.first: 49152 net.inet.ip.rtexpire: 3600 net.inet.ip.rtmaxcache: 128 net.inet.ip.rtminexpire: 10 net.inet.ip.ttl: 64 net.inet.tcp.delacktime: 100 net.inet.tcp.drop_synfin: 0 net.inet.tcp.fast_finwait2_recycle: 0 net.inet.tcp.icmp_may_rst: 1 net.inet.icmp.icmplim: 2000 net.inet.tcp.msl: 30000 net.inet.tcp.rfc1323: 1 net.inet.tcp.inflight.enable: 0 net.inet.tcp.recvspace: 65536 net.inet.tcp.sendspace: 65536 net.inet.udp.maxdgram: 57344 net.inet.udp.recvspace: 65536 net.inet.raw.maxdgram: 9216 net.inet.raw.recvspace: 9216 net.local.dgram.maxdgram: 2048 net.local.dgram.recvspace: 4096 net.local.stream.sendspace: 8192 net.local.stream.recvspace: 65536 net.inet.tcp.local_slowstart_flightsize: 4 net.inet.tcp.nolocaltimewait: 0 vfs.read_max: 8 In addition, we set: net.inet.tcp.mssdflt=3D1460 kern.ipc.maxsockbuf=3D16777216 kern.ipc.nmbclusters=3D32768 kern.maxfiles=3D65536 kern.maxfilesperproc=3D32768 kern.maxvnodes=3D600000 net.inet.tcp.path_mtu_discovery=3D0 net.inet.tcp.recvbuf_auto=3D1 net.inet.tcp.recvbuf_inc=3D16384 net.inet.tcp.recvbuf_max=3D16777216 net.inet.tcp.sendbuf_auto=3D1 net.inet.tcp.sendbuf_inc=3D8192 net.inet.tcp.sendbuf_max=3D16777216 Regards, Mike -- Michael K. Smith - CISSP, GSEC, GISP Chief Technical Officer - Adhost Internet LLC mksmith@adhost.com w: +1 (206) 404-9500 f: +1 (206) 404-9050 PGP: B49A DDF5 8611 27F3 08B9 84BB E61E 38C0 (Key ID: 0x9A96777D) > -----Original Message----- > From: owner-freebsd-performance@freebsd.org [mailto:owner-freebsd- > performance@freebsd.org] On Behalf Of Samuel Mart=EDn Moro > Sent: Wednesday, September 29, 2010 1:45 PM > To: freebsd-performance@freebsd.org > Subject: freebsd router >=20 > Hi, >=20 >=20 > I'm trying to replace my (dying) gateway with a qnap ts-509 (1G DDR, = celeron > m420 1.6Ghzs). > I'm using mfsBSD, based on FreeBSD-RELEASE-8.1 amd64. > It's almost ready (zfs, nfs, dns, pf, ...), I'm checking everything's = OK to > swap the gate. >=20 >=20 > I noticed that opening a new connection to distant or local computer = is > (very) slow. > After that, everything works perfectly fine. > So I had a look at sysctl, and tried to fix that problem. >=20 > Now, when I start a ping on a client from my network (disabled on the = gate), > I have something like that: > faust@alpha ~ : time ping -c 4 google.com > PING google.com (66.249.92.104) 56(84) bytes of data. > 64 bytes from par03s01-in-f104.1e100.net (66.249.92.104): icmp_seq=3D1 = ttl=3D53 > time=3D7.12 ms > 64 bytes from par03s01-in-f104.1e100.net (66.249.92.104): icmp_seq=3D2 = ttl=3D53 > time=3D7.32 ms > 64 bytes from par03s01-in-f104.1e100.net (66.249.92.104): icmp_seq=3D3 = ttl=3D53 > time=3D7.18 ms > 64 bytes from par03s01-in-f104.1e100.net (66.249.92.104): icmp_seq=3D4 = ttl=3D53 > time=3D7.18 ms >=20 > --- google.com ping statistics --- > 4 packets transmitted, 4 received, 0% packet loss, time 15034ms > rtt min/avg/max/mdev =3D 7.126/7.205/7.329/0.128 ms > 0.000u 0.000s 0:25.08 0.0% 0+0k 0+0io 0pf+0w >=20 >=20 > So, it takes 5 seconds to display the first line (connect), and then 5 > second per ping. > 25 seconds, for 4 pings... > Obviously, my tries doesn't make it work any better... >=20 >=20 > I found some infos > here > , here limits.html> > , there and > there > But I'm still not sure about the tuning implications for most of those = vars. >=20 >=20 >=20 > Here is my sysctl.conf: > kern.coredump=3D0 > kern.ipc.somaxconn=3D4096 >=20 > net.inet.ip.check_interface=3D1 > net.inet.ip.fastforwarding=3D1 > net.inet.ip.forwarding=3D1 > net.inet.ip.portrange.first=3D1024 > net.inet.ip.portrange.last=3D65535 > net.inet.ip.rtexpire=3D2 > net.inet.ip.rtmaxcache=3D256 > net.inet.ip.rtminexpire=3D2 > net.inet.ip.ttl=3D42 >=20 > net.inet.udp.blackhole=3D1 > net.inet.tcp.blackhole=3D2 > net.inet.tcp.delacktime=3D42 > net.inet.tcp.delayed_ack=3D0 > net.inet.tcp.drop_synfin=3D1 > net.inet.tcp.fast_finwait2_recycle=3D1 > net.inet.tcp.icmp_may_rst=3D0 > net.inet.icmp.icmplim=3D42 > net.inet.tcp.ecn.enable=3D1 > net.inet.tcp.msl=3D5000 > net.inet.tcp.rfc1323=3D0 >=20 > net.inet.tcp.inflight.enable=3D1 > net.inet.tcp.inflight.max=3D1073725440 > net.inet.tcp.inflight.stab=3D20 > net.inet.tcp.inflight.min=3D1024 >=20 > net.inet.tcp.recvspace=3D82320 > net.inet.tcp.sendspace=3D82320 > net.inet.udp.maxdgram=3D82320 > net.inet.udp.recvspace=3D82320 > net.inet.raw.maxdgram=3D82320 > net.inet.raw.recvspace=3D82320 > net.local.dgram.maxdgram=3D82320 > net.local.dgram.recvspace=3D82320 > net.local.stream.sendspace=3D82320 > net.local.stream.recvspace=3D82320 > net.inet.tcp.local_slowstart_flightsize=3D10 > net.inet.tcp.nolocaltimewait=3D1 >=20 > vfs.read_max=3D32 >=20 >=20 >=20 >=20 > So, I was wondering, is something wrong in there? > Or should I keep looking somewhere else? > Where? >=20 >=20 >=20 > Thanks for your help, >=20 > -- > Samuel Mart=EDn Moro > {EPITECH.} tek5 > _______________________________________________ > freebsd-performance@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-performance > To unsubscribe, send any mail to "freebsd-performance- > unsubscribe@freebsd.org"