PF state key linking mismatch in FreeBSD 9.0-RELEASE

Thu Jan 12 22:37:32 UTC 2012

On 12. Jan 2012, at 22:26 , Matt Lager wrote:

> Interesting. I feel like the performance is degraded quite a bit between two VPN points that display these messages vs. two VPN points that don't display these messages, though I could be wrong. Is your basic suggestion to not consider this a concern and continue forward with my VPN rollouts?

Well as said "can be painful with a slow (serial) console".  If you are triggering the printf per packet and have enough pps your console can slow things down.

The solution probably is to compile your own kernel and either have the PR problem fixed or the printf removed.   The latter can be done quickly the former needs a bit of time...

/bz

-- 
Bjoern A. Zeeb                                 You have to have visions!
   It does not matter how good you are. It matters what good you do!