From owner-freebsd-questions@FreeBSD.ORG Tue Dec 30 20:29:58 2008 Return-Path: Delivered-To: questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A3344106572B for ; Tue, 30 Dec 2008 20:29:58 +0000 (UTC) (envelope-from kes-kes@yandex.ru) Received: from forwards4.yandex.ru (forwards4.yandex.ru [77.88.32.20]) by mx1.freebsd.org (Postfix) with ESMTP id 556A18FC0C for ; Tue, 30 Dec 2008 20:29:58 +0000 (UTC) (envelope-from kes-kes@yandex.ru) Received: from smtp5.yandex.ru (smtp5.yandex.ru [77.88.32.24]) by forwards4.yandex.ru (Yandex) with ESMTP id 4664419302D for ; Tue, 30 Dec 2008 23:29:57 +0300 (MSK) Received: from 221-11-113-92.pool.ukrtel.net ([92.113.11.221]:44811 "EHLO HOMEUSER" smtp-auth: "kes-kes" TLS-CIPHER: TLS-PEER-CN1: ) by mail.yandex.ru with ESMTP id S6144112AbYL3U3u (ORCPT ); Tue, 30 Dec 2008 23:29:50 +0300 X-Yandex-Spam: 1 X-Yandex-Front: smtp5 X-Yandex-TimeMark: 1230668990 X-BornDate: 1149541200 X-Yandex-Karma: 0 X-Yandex-KarmaStatus: 0 X-MsgDayCount: 3 X-Comment: RFC 2476 MSA function at smtp5.yandex.ru logged sender identity as: kes-kes Date: Tue, 30 Dec 2008 22:29:50 +0200 From: KES X-Mailer: The Bat! (v4.0.24) Professional Organization: SaftTen X-Priority: 3 (Normal) Message-ID: <213016870.20081230222950@yandex.ru> To: KES In-Reply-To: <1691697011.20081230214740@yandex.ru> References: <1691697011.20081230214740@yandex.ru> MIME-Version: 1.0 Content-Type: text/plain; charset=windows-1251 Content-Transfer-Encoding: 8bit Cc: questions@freebsd.org Subject: Re: Performance loss with dynamic IPFW rules X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: KES List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Dec 2008 20:29:58 -0000 Здравствуйте, KES. Вы писали 30 декабря 2008 г., 21:47:40: K> Здравствуйте, Questions. K> 1 allow all from any to any via rl0 K> 2 allow all from any to any via rl1 K> 109 skipto 110 tcp from any to any 80 in recv $iface #split only http trafic K> 109 skipto 200 all from any to any #do not split all other trafic K> 110 check-state K> 111 prob 0.5 skipto 131 in recv rl2 K> 121 skipto 122 keep-state in recv rl2 K> 123 setfib 0 proto all in recv rl2 K> 125 skipto 150 proto all in recv rl2 K> 131 skipto 132 keep-state in recv rl2 K> 133 setfib 1 proto all in recv rl2 K> 135 skipto 150 proto all in recv rl2 K> I am connected on rl1. K> INET is rl0, rl1 each 4Mbit/s K> When I open many connections I get performance loss: K> 1) Web pages are not opened (it seems flow at start goes through rl0 K> and then goes rl1. EXPECTED: it flows only through one channel until K> closed) K> 2) I get about 2Mbit/s while downloading something K> When I not open many flows I get 8Mbit/s while serfing K> What is problem? Also another interesting behaviour. Packets with FIB 1 are outgoing through rl0 interface, but must out go via rl1. Why? -- С уважением, KES mailto:kes-kes@yandex.ru