Old 17th December 2009
J65nko

RE: tcp receive space of 131070

So this seems to be the optimal setting for getting 1.6 MB downloads, when the Atom board has been connected directly to your D-Link router, and doesn't have to do the PPPoE stuff.

The bad news is that increasing this value on OBSD as a router has no influence whatsoever.
It only has effect on a communication end-point, or a box which has setup a network or internet socket. A router only passes packets in and out and doesn't use network sockets, whose speed of operation can be optimized by increasing buffer space.

RE: the netstat diagnostics

The netstat -ss doesn't show any excessive retransmissions or other errors, so that is ok. Same applies to the netstat -in output.

Strategy to use OBSD on the Atom board as router

One simple way is to enable pf and instruct it to do NAT.

Why? Your external interface re0 gets a 192.168.0.0/24 address from the D-link, while your internal network, your laptop, is connected to re1, which has a 10.0.0.1/24 address.

The D-link will have no problem NATting the 10.0.0.0/24 address of the laptop to its public address. When a return packet arrives for a connection initiated by the 10.0.0.0 network, the D-link will have no problem in properly converting, deNATting, the packet back to the initiating 10.0.0.0/24 address.

It has only one slight problem, it doesn't know where the hell to send this packet to. It only knows its internal 192.168.0.0/24 network.

It wouldn't have this problem if it could be told to route reply packets for the 10.0.0.0/24 network to the 192.168.0.1 address. In other words, for the D-link 192.168.0.1 is the gateway for the 10.0.0.0/24 network.

If the D-link doesn't allow you to add this static route, you can circumvent it by doing NAT on the OBSD box.

My assignment to you:
  1. Refrain from doing PPPoE on the OBSD box for now,
  2. Create a simple pf which just does NAT and only allows traffic out, which has been initiated by your 10.0.0.0/24 and 192.168.0.0/24 networks.

    Because pf makes these rules stateful, the return traffic will be allowed in without any problem.
  3. Find out whether the D-link can be configured to accept static routes.

    If that is possible, pf doesn't have to do NAT.

Re: amd64 versus i386 speed

Because I wanted this thread to focus on the network speed issue, and not drift away to a why "OBSD i386 would be faster than amd64" discussion, I refrained from speaking out till now.

I have read several times on misc where Henning Brauer suggested to use OpenBSD i386 on AMD boxes, instead of the amd64 version, if speed for a pf box was a concern. I only didn't manage to locate those messages in the misc mailing list archives.

Feel free to open another thread for this issue, but in this thread let us focus on the network speed problem. Thanks
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
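
A minimal ruleset for step 2 of the assignment, as an added example that is not part of the original post. It assumes the `nat-to` syntax of OpenBSD 4.7 and later, re0 as the external and re1 as the internal interface as described in the post, and IP forwarding already enabled; the macro names are hypothetical.

```conf
# /etc/pf.conf -- added example, not from the original post.
# Assumes: re0 = external (192.168.0.0/24, behind the D-Link),
#          re1 = internal (10.0.0.1/24), net.inet.ip.forwarding=1 set.
# Macro names below are hypothetical.

ext_if    = "re0"
int_if    = "re1"
lan_net   = "10.0.0.0/24"
dlink_net = "192.168.0.0/24"

# Loopback traffic is not filtered.
set skip on lo

# Default deny in both directions; logged so that dropped packets
# can be inspected on the pflog0 interface with tcpdump.
block log all

# NAT: rewrite LAN source addresses to whatever address re0 holds.
# The parentheses make pf track the address if it changes.
# (On OpenBSD 4.6 and earlier this was a separate translation rule:
#  nat on $ext_if from $lan_net to any -> ($ext_if) )
match out on $ext_if inet from $lan_net to any nat-to ($ext_if)

# Connections initiated by the LAN may enter on the internal interface.
pass in on $int_if inet from $lan_net to any

# Outbound on the external interface. Rules after a nat-to match rule
# see the translated packet, so LAN traffic leaves with a
# 192.168.0.0/24 source; this also covers the router's own traffic.
pass out on $ext_if inet from $dlink_net to any

# No "pass in" on $ext_if: pass rules keep state by default, so
# replies to the connections above are let back in, while anything
# unsolicited arriving on re0 hits the block rule.
```

If the D-link turns out to accept a static route for 10.0.0.0/24, the `match ... nat-to` line can be dropped and the last pass rule must then allow `$lan_net` as a source as well.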