Antony Mawer fbsd-performance at
Fri Jan 12 16:26:45 PST 2007

On 13/01/2007 10:08 AM, Patrick Proniewski wrote:
> the FreeBSD has 1 GB DDR2 ECC, 2 250GB SATA II HDD (but motherboard 
> controler is on SATA I) and uses pf:
> # pfctl -s all
> nat on fxp0 inet from to any -> (fxp0) round-robin
> scrub in all fragment reassemble
> block return all
> block return in log quick proto tcp from <sshscan> to any port = ssh
> pass quick on lo0 all
> [ bunch of block in/out and pass in rules applying only on fxp0, the 
> external IF ]
> pass in inet proto icmp all icmp-type echoreq keep state
> pass in on em0 inet from to any keep state
> pass out on em0 inet from any to keep state
> [ few pass out rules applying only on fxp0, the external IF ]
> No queue in use

Does disabling pf/clearing out the rules make any difference to the 
speeds you can achieve? In particular I'm not sure what the performance 
impact of the "scrub in all" might be. Certainly worth a quick test!


