Date: Tue, 31 Aug 2010 18:57:58 -0400 From: Kevin Way <kevin.way@gmail.com> To: freebsd-pf@freebsd.org Subject: Performance problem w/pf using reply-to on FreeBSD 8.1 Message-ID: <ACADA83C-45C1-4F69-9DB8-809940EC4A30@gmail.com>
next in thread | raw e-mail | index | archive | help
After upgrading to 8.1, I'm having a severe performance problem, that's throttling connections down to about 5kb/sec. The same configuration works flawlessly on 8.0. The rest of the ruleset works fine, our problem is just with this one line. (uname -a) FreeBSD 8.1-RELEASE FreeBSD 8.1-RELEASE #0: Mon Jul 19 02:36:49 UTC 2010 root@mason.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC amd64 (pf.conf) jailhost_if="vlan34" jailhost_gateway="10.11.34.1" jailhost_network="10.11.34.0/24" pass in quick on $jailhost_if reply-to ($jailhost_if $jailhost_gateway) \ from !$jailhost_network to $jailhost_network keep state label "Jailhost inbound" (what happens almost instantly after a connection is initiated) # pfctl -vvsl | grep "Jailhost inbound" Jailhost inbound 35734 269954511 408697347239 134975646 10797967079 134978865 397899380160 Any help would be greatly appreciated. Regards, Kevin Way
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?ACADA83C-45C1-4F69-9DB8-809940EC4A30>