RE: Firewall & DSL performance
From: Darryl Hoar (darryl_at_osborne-ind.com)
Date: 03/10/04
- Previous message: Sergey 'DoubleF' Zaharchenko: "Re: Using int 13 while BSD is running"
- Maybe in reply to: Darryl Hoar: "Firewall & DSL performance"
- Next in thread: Nathan Kinkade: "Re: Firewall & DSL performance"
- Reply: Nathan Kinkade: "Re: Firewall & DSL performance"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
To: "'Mike Jackson'" <mj@sci.fi> Date: Wed, 10 Mar 2004 08:10:05 -0600
Well,
last night I changed the ipf.rules file to be:
pass in all keep state
pass out all keep state
to completely open my firewall to test my performance.
Well, it didn't make a lick of difference. Still got
700K.
If I open the firewall like I did, shouldn't performance
be a non issue ?
thanks,
Darryl
> -----Original Message-----
> From: Mike Jackson [mailto:mj@sci.fi]
> Sent: Tuesday, March 09, 2004 11:55 AM
> To: Darryl Hoar
> Subject: Re: Firewall & DSL performance
>
>
> Darryl Hoar (darryl@osborne-ind.com) wrote:
> >
> > Problem:
> > Recently, our ISP upgraded (at no charge) our connection
> from 512K to
> > 1.5Mb. When testing from a computer on my Lan, I was only
> seeing about
> > 700K. Testing at the box on the side of my house yielded
> 1.5Mb. Testing
> > at the jack inside also yielded 1.5Mb. So, my firewall seems to be
> > slowing things down.
>
> Run `top' and watch the memory and processor usage when
> downloading an iso
> from some internet site.
>
> Open another terminal and run `iostat -odICTw 2 -c 9', to
> watch your io
> performance.
>
> Open another terminal and run `vmstat -w 5', to watch virtual memory
> statistics.
>
> Finally, a slow processor just might be the bottleneck. For
> example, if
> you put a gigabit ethernet card in a P4 and one in a P2, you will most
> likely not get full speed - especially if there is kernel level packet
> interception going, e.g. ipsec, nat, or firewall filters.
>
> HTH,
> --
> Mike Jackson
>
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
- Previous message: Sergey 'DoubleF' Zaharchenko: "Re: Using int 13 while BSD is running"
- Maybe in reply to: Darryl Hoar: "Firewall & DSL performance"
- Next in thread: Nathan Kinkade: "Re: Firewall & DSL performance"
- Reply: Nathan Kinkade: "Re: Firewall & DSL performance"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
