From owner-freebsd-net@FreeBSD.ORG Mon Nov 14 03:15:19 2011 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 42B141065672 for ; Mon, 14 Nov 2011 03:15:19 +0000 (UTC) (envelope-from bsd@xerq.net) Received: from cartman.xerq.net (cartman.xerq.net [67.52.126.46]) by mx1.freebsd.org (Postfix) with ESMTP id 1C1878FC13 for ; Mon, 14 Nov 2011 03:15:18 +0000 (UTC) Received: from cartman.xerq.net (unknown [127.52.126.46]) by cartman.xerq.net (Postfix) with ESMTP id 62935569D9 for ; Sun, 13 Nov 2011 18:59:00 -0800 (PST) Received: from cartman.xerq.net ([127.52.126.46]) by cartman.xerq.net (cartman.xerq.net [127.52.126.46]) (amavisd-new, port 10024) with ESMTP id oz_NCe7nIaKd for ; Sun, 13 Nov 2011 18:58:54 -0800 (PST) Received: from www1.xerq.net (localhost [127.52.126.46]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by cartman.xerq.net (Postfix) with ESMTPSA id 00595569B5 for ; Sun, 13 Nov 2011 18:58:53 -0800 (PST) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Date: Sun, 13 Nov 2011 18:58:53 -0800 From: Matt Connor To: In-Reply-To: <4EC072CB.5030800@freebsd.org> References: <4EC033B7.5080609@soe.ucsc.edu> "<4EC0395C.3030302@swin.edu.au>" <4EC055CB.40100@soe.ucsc.edu> "<4EC0585F.5000104@soe.ucsc.edu>" <4EC05F58.1050103@soe.ucsc.edu> <4EC072CB.5030800@freebsd.org> Message-ID: <9898624e64a38e5e860591d194ec5c70@www1.xerq.net> X-Sender: bsd@xerq.net User-Agent: XERQ Webmail/0.6 Subject: Re: Arg. TCP slow start killing me. X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Nov 2011 03:15:19 -0000 On 13.11.2011 17:45, Julian Elischer wrote: > On 11/13/11 4:22 PM, Erich Weiler wrote: >>> Yeah, skimming fail, I didn't realize the machine was not the >>> termination point of your connections. I do have patches back >>> ported >>> that would likely get the modular congestion control working on >>> 8.1, >>> but neither my suggestions nor the implementation of Cubic will >>> help >>> much as mentioned. >> >> Given that my firewall is simply forwarding packets in and out, and >> is not an endpoint, does anyone think tuning up buffers would help >> here? If so, which buffers/sysctl parameters would be worth trying? > > I can not answer abut pf but I'll say that if I were using ipfw I > would use dummynet to rate linit the speed that the incoming packets > were passed on to the client macjines and I would make that limit > just > alittle slower than the incoming link's real speed. > that way the linit would be In my machine instead of in my ISPs > machines. > > If pf has a similar mechanism to dummy net then you may be able to > try that. > Have you considered empty ACK prioritization? I implemented this a year ago on a pair of production edge routers and noticed significant improvement on throughput. I have production code examples if you require them, but this link should be more than enough to get you started: http://www.benzedrine.cx/ackpri.html -Matt