Network severely unstable 10.0-PRERELEASE
wishmaster
artemrts at ukr.net
Sun Dec 22 20:06:27 UTC 2013
--- Original message ---
From: "Berend de Boer" <berend at pobox.com>
Date: 22 December 2013, 20:56:35
> Hi All,
>
> pf has not worked well for me after version 8. Certain rules crash the
> kernel
> (http://www.freebsd.org/cgi/query-pr.cgi?pr=misc/182141). Avoiding
> these rules gave me something that at least kept the system alive on a
> 10-CURRENT.
>
> But since the RC versions my system stays up for only a few days,
> before I need a reboot as network connectivity gets reset.
>
> It's the modem (pppoe), every few minutes all tcp (?) connections get
> dropped somehow. A reboot fixes it for a week or so.
>
> I have no clue how to debug this.
>
> But I'm getting pretty scared of pf, and going back to ipfw might seem
> best.
>
> What are people's thoughts on pf in FreeBSD, does it have a future?
> Are there people working on pf? Should I simply forget about it, and
> go back to ipfw?
>
It's just my IMHO and experience. Pf in 10 is good, especially in performance context (thx glebius@) but, unfortunately, yes you should forgot about pf if you are planning to use not only firewalling but shaper/prioritization too due to poor performance/flexibility of ALTQ, especially in case of complex network topologies.
Or you can use OpenBSD with new "prio" queueing mechanism
Cheers,
w
More information about the freebsd-pf
mailing list