Slow Performance with OpenBSD's PF on 5.3-RELEASE

Tomas Quintero tomasq at gmail.com
Sun Mar 20 12:40:05 PST 2005 

I wasn't quite sure where to start, so I just gave conf lines.

The machine is not yet running DNS, DHCPd, etc. however once I have
this ironed out I do intend to setup caching DNS and DHCPd. The
problem seems to be with Internal LAN clients getting extremely slow
speeds. Web pages load extremely slow, if at all.

Externally, when I am fetching etc. to determine what speeds the
actual machine is getting, it starts off slow then accelerates to
250-300KB/s, which it should be getting.

On Sun, 20 Mar 2005 11:56:16 -0800, Thomas Foster <tbonius at comcast.net> wrote:
> I think more information might be required than just your conf files.  What
> slow performance are you seeing?  Are internal LAN clients having issues
> with using this computer as a firewall/router?  Are you running an internal
> DNS?  DHCPd?
>
> Just a start..
>
> T
> ----- Original Message -----
> From: "Tomas Quintero" <tomasq at gmail.com>
> To: <freebsd-questions at freebsd.org>
> Sent: Sunday, March 20, 2005 11:36 AM
> Subject: Slow Performance with OpenBSD's PF on 5.3-RELEASE
>
> >I recently setup a box with 5.3 release and enabled PF in order to do
> > NAT and eventually firewalling and bandwidth control when I become
> > more acustom to the workings of PF. Regardless of which however, I'm
> > having tremendous speed issues with the box currently.
> >
> > Here is my pf.conf:
> > ext_if="rl1"
> > int_if="xl0"
> > int_net="192.168.1.0/24"
> > nat on $ext_if from $int_net to any -> $ext_if
> >
> > pass in all keep state
> > pass out all keep state
> >
> > Here is my rc.conf:
> > defaultrouter="63.135.xxx.xxx"
> > gateway_enable="YES"
> > hostname="ORCA.****"
> > ifconfig_rl1="inet 63.135.xxx.xxx netmask 255.255.255.240"
> > ifconfig_xl0="inet 192.168.1.1 netmask 255.255.255.0"
> > linux_enable="YES"
> > sshd_enable="YES"
> > usbd_enable="YES"
> > pf_enable="yes"
> > pf_rules="/etc/pfrules.conf"
> > pf_flags=""
> > pflog_enable="YES"
> > pflog_logfile="/var/log/pflog"
> > pflog_flags=""
> >
> >
> > --
> > -Tomas Quintero
> > _______________________________________________
> > freebsd-questions at freebsd.org mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> > To unsubscribe, send any mail to
> > "freebsd-questions-unsubscribe at freebsd.org"
> >
>
>

--
-Tomas Quintero


-- 
-Tomas Quintero

More information about the freebsd-questions mailing list