Date: Mon, 4 Mar 2002 15:52:54 -0500 From: "Deepak Jain" <deepak@ai.net> To: "Larry Cronin" <lccronin@hotmail.com>, <freebsd-questions@FreeBSD.ORG> Subject: RE: Freebsd ipf firewall and slow web access Message-ID: <GPEOJKGHAMKFIOMAGMDIKEMKJJAA.deepak@ai.net> In-Reply-To: <F85rzdDW6lCPx33E1io000002b9@hotmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Make sure you have enough MBUFs [NMBCLUSTERS] in your kernel. When the speed gets poor, log into the firewall box [pref at the console] and do a "netstat -m" to make sure you are not running into memory denied/delayed errors. 1.5Mb/s may be enough bandwidth to hurt the default MBUF settings with a low number of maxusers configured. If that fails, check your interrupt load with a systat :vmstat, you may be hurting the box, but I doubt it. I remember 133mhz i486-type PCs could crush T-1s with web access. Regards, Deepak Jain AiNET -----Original Message----- From: owner-freebsd-questions@FreeBSD.ORG [mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of Larry Cronin Sent: Monday, March 04, 2002 3:43 PM To: freebsd-questions@FreeBSD.ORG Subject: Freebsd ipf firewall and slow web access Hello, We recently moved ISP's and in the process we setup a FreeBSD stable 4.2 firewall using IPF with stateful. The box is PII 233 with 64 MB RAM and a 20GB drive. We tested this with about 20 or so pc's and the speed was fine, we are using a T1. When we went live with or so 80 pc's the speed is great for a few minutes and then terrible for a few minutes. We are not running NAT. My network is as follows router firewall-out firewall-in network 999.888.777.129 999.888.777.130 999.888.666.1 999.888.666.- Thanks Larry _________________________________________________________________ MSN Photos is the easiest way to share and print your photos: http://photos.msn.com/support/worldwide.aspx To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?GPEOJKGHAMKFIOMAGMDIKEMKJJAA.deepak>