DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD General

OpenBSD General Other questions regarding OpenBSD which do not fit in any of the categories below.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 11th December 2009
Ernball Ernball is offline
New User
 
Join Date: Dec 2009
Posts: 2
Thanked 0 Times in 0 Posts
Default Network Speed Issues

I'm running a small network at home with OBSD4.6 as a gateway/firewall to multiple windows boxes. After upgrading this box from 3.9 to 4.6, I noticed some changes in throughput to said windows boxes. When using programs that create multiple connections (newsreader - 20 connections or Bittorrent) the network seems to max out at 800KB/s. However, if I'm just grabbing one large file from an FTP server, I can get much more than that. If I do a speed test at speedtest.net, I hit about 7.5MB/s from the windows boxes.

If I change my pf rules to pass all, I can hit about 850KB/s, so I don't think it's the pf rules.

My pf.conf and dmesg are below, the main windows box in question is running win7.

Code:
OpenBSD 4.6 (GENERIC.MP) #81: Thu Jul  9 21:26:19 MDT 2009
    deraadt@amd64.openbsd.org:/usr/src/s...ile/GENERIC.MP
real mem = 2135117824 (2036MB)
avail mem = 2060746752 (1965MB)
RTC BIOS diagnostic error 80<clock_battery> mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.4 @ 0xe3590 (23 entries)
bios0: vendor Intel Corp. version "LF94510J.86A.0182.2009.0528.2014" date 05/28/2009
bios0: Intel Corporation D945GCLF2
acpi0 at bios0: rev 0
acpi0: tables DSDT FACP APIC WDDT MCFG ASF!
acpi0: wakeup devices SLPB(S4) P32_(S4) UAR1(S4) UAR2(S4) PEX0(S4) PEX1(S4) PEX2(S4) PEX3(S4) PEX4(S4) PEX5(S4) UHC1(S3) UHC2(S3) UHC3(S3) UHC4(S3) EHCI(S3) AC9M(S4) AZAL(S4) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpimadt0 at acpi0 addr 0xfee00000: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Atom(TM) CPU 330 @ 1.60GHz, 1596.25 MHz
cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,TM2,CX16,xTPR,NXE,LONG
cpu0: 512KB 64b/line 16-way L2 cache
cpu0: apic clock running at 135MHz
cpu1 at mainbus0: apid 2 (application processor)
cpu1: Intel(R) Atom(TM) CPU 330 @ 1.60GHz, 1627.93 MHz
cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,TM2,CX16,xTPR,NXE,LONG
cpu1: 512KB 64b/line 16-way L2 cache
cpu2 at mainbus0: apid 1 (application processor)
cpu2: Intel(R) Atom(TM) CPU 330 @ 1.60GHz, 1627.93 MHz
cpu2: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,TM2,CX16,xTPR,NXE,LONG
cpu2: 512KB 64b/line 16-way L2 cache
cpu3 at mainbus0: apid 3 (application processor)
cpu3: Intel(R) Atom(TM) CPU 330 @ 1.60GHz, 1627.93 MHz
cpu3: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,TM2,CX16,xTPR,NXE,LONG
cpu3: 512KB 64b/line 16-way L2 cache
ioapic0 at mainbus0 apid 2 pa 0xfec00000, version 20, 24 pins
ioapic0: misconfigured as apic 0, remapped to apid 2 acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus 4 (P32_)
acpiprt2 at acpi0: bus 1 (PEX0)
acpiprt3 at acpi0: bus -1 (PEX1)
acpiprt4 at acpi0: bus 2 (PEX2)
acpiprt5 at acpi0: bus 3 (PEX3)
acpiprt6 at acpi0: bus -1 (PEX4)
acpiprt7 at acpi0: bus -1 (PEX5)
acpicpu0 at acpi0
acpicpu1 at acpi0
acpicpu2 at acpi0
acpicpu3 at acpi0
acpibtn0 at acpi0: SLPB
pci0 at mainbus0 bus 0
pchb0 at pci0 dev 0 function 0 "Intel 82945G Host" rev 0x02
vga1 at pci0 dev 2 function 0 "Intel 82945G Video" rev 0x02 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation) intagp0 at vga1 agp0 at intagp0: aperture at 0x80000000, size 0x10000000 inteldrm0 at vga1: apic 2 int 16 (irq 11) drm0 at inteldrm0 ppb0 at pci0 dev 28 function 0 "Intel 82801GB PCIE" rev 0x01: apic 2 int 17 (irq 255)
pci1 at ppb0 bus 1
re0 at pci1 dev 0 function 0 "Realtek 8168" rev 0x02: RTL8168C/8111C (0x3c00), apic 2 int 16 (irq 11), address 00:1c:c0:c2:6c:64 rgephy0 at re0 phy 7: RTL8169S/8110S PHY, rev. 2
ppb1 at pci0 dev 28 function 2 "Intel 82801GB PCIE" rev 0x01: apic 2 int 18 (irq 255)
pci2 at ppb1 bus 2
ppb2 at pci0 dev 28 function 3 "Intel 82801GB PCIE" rev 0x01: apic 2 int 19 (irq 255)
pci3 at ppb2 bus 3
uhci0 at pci0 dev 29 function 0 "Intel 82801GB USB" rev 0x01: apic 2 int 23 (irq 9)
uhci1 at pci0 dev 29 function 1 "Intel 82801GB USB" rev 0x01: apic 2 int 19 (irq 10)
uhci2 at pci0 dev 29 function 2 "Intel 82801GB USB" rev 0x01: apic 2 int 18 (irq 11)
uhci3 at pci0 dev 29 function 3 "Intel 82801GB USB" rev 0x01: apic 2 int 16 (irq 11) ehci0 at pci0 dev 29 function 7 "Intel 82801GB USB" rev 0x01: apic 2 int 23 (irq 9) usb0 at ehci0: USB revision 2.0 uhub0 at usb0 "Intel EHCI root hub" rev 2.00/1.00 addr 1
ppb3 at pci0 dev 30 function 0 "Intel 82801BA Hub-to-PCI" rev 0xe1
pci4 at ppb3 bus 4
skc0 at pci4 dev 0 function 0 "D-Link Systems DGE-530T B1" rev 0x11, Yukon Lite (0x9): apic 2 int 21 (irq 9) sk0 at skc0 port A: address 00:22:b0:62:34:e7 eephy0 at sk0 phy 0: 88E1011 Gigabit PHY, rev. 5 pcib0 at pci0 dev 31 function 0 "Intel 82801GB LPC" rev 0x01 pciide0 at pci0 dev 31 function 1 "Intel 82801GB IDE" rev 0x01: DMA, channel 0 configured to compatibility, channel 1 configured to compatibility atapiscsi0 at pciide0 channel 0 drive 1 scsibus0 at atapiscsi0: 2 targets cd0 at scsibus0 targ 0 lun 0: <TOSHIBA, DVD-ROM SD-R2412, 1330> ATAPI 5/cdrom removable
cd0(pciide0:0:1): using PIO mode 4, Ultra-DMA mode 2
pciide0: channel 1 ignored (disabled)
pciide1 at pci0 dev 31 function 2 "Intel 82801GB SATA" rev 0x01: DMA, channel 0 configured to native-PCI, channel 1 configured to native-PCI
pciide1: using apic 2 int 19 (irq 10) for native-PCI interrupt wd0 at pciide1 channel 0 drive 0: <ST3250410AS>
wd0: 16-sector PIO, LBA48, 238475MB, 488397168 sectors
wd0(pciide1:0:0): using PIO mode 4, Ultra-DMA mode 5 ichiic0 at pci0 dev 31 function 3 "Intel 82801GB SMBus" rev 0x01: apic 2 int 19 (irq 10) iic0 at ichiic0 admtm0 at iic0 addr 0x2d: 47m192 spdmem0 at iic0 addr 0x50: 2GB DDR2 SDRAM non-parity PC2-5300CL5 
usb1 at uhci0: USB revision 1.0
uhub1 at usb1 "Intel UHCI root hub" rev 1.00/1.00 addr 1
usb2 at uhci1: USB revision 1.0
uhub2 at usb2 "Intel UHCI root hub" rev 1.00/1.00 addr 1
usb3 at uhci2: USB revision 1.0
uhub3 at usb3 "Intel UHCI root hub" rev 1.00/1.00 addr 1
usb4 at uhci3: USB revision 1.0
uhub4 at usb4 "Intel UHCI root hub" rev 1.00/1.00 addr 1 isa0 at pcib0 isadma0 at isa0 com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0 pcppi0 at isa0 port 0x61 midi0 at pcppi0: <PC speaker> spkr0 at pcppi0 lpt0 at isa0 port 0x378/4 irq 7
mtrr: Pentium Pro MTRR support
uhidev0 at uhub2 port 1 configuration 1 interface 0 "Silitek IBM USB Keyboard" rev 1.10/1.00 addr 2
uhidev0: iclass 3/1
ukbd0 at uhidev0: 8 modifier keys, 6 key codes
wskbd1 at ukbd0 mux 1
wskbd1: connecting to wsdisplay0
uhidev1 at uhub2 port 1 configuration 1 interface 1 "Silitek IBM USB Keyboard" rev 1.10/1.00 addr 2
uhidev1: iclass 3/0, 3 report ids
uhid0 at uhidev1 reportid 1: input=1, output=0, feature=0
uhid1 at uhidev1 reportid 2: input=1, output=0, feature=0
uhid2 at uhidev1 reportid 3: input=3, output=1, feature=0 softraid0 at root root on wd0a swap on wd0b dump on wd0b
pf.conf
Code:
#set runtime options
set block-policy drop

#don't examine traffic on loopback interfaces set skip on lo

#macros
ext_if="re0"
int_if="sk0"
LAN="172.31.31.0/28"
tcp_services="{ 22 }"
udp_services="{ }"
tyson="172.31.31.5"
tyson_ports="{ 1999, 6000:6100  }" 
voip="172.31.31.2"
voip_ports="{ 2427, 16384:32767 }"
mail="172.31.31.8"
mail_services="{ 25, 465 }"
http_services="{ 80, 443 }"

#tables
table <blackhole> persist file "/etc/blackhole.pftable"


#queuing (QoS)
#enable queueing on the external interface to queue packets going out to the internet altq on $ext_if cbq bandwidth 650Kb queue {bulk_out voip_out}
	queue bulk_out bandwidth 470Kb priority 1 cbq(default borrow)
	queue voip_out bandwidth 180Kb priority 7 cbq(borrow)

#enable queueing on the internal interface to queue packets coming in from the internet altq on $int_if cbq bandwidth 7Mb queue {bulk_in voip_in}
	queue bulk_in bandwidth 6.5Mb priority 1 cbq(default borrow)
	queue voip_in bandwidth 160Kb priority 7 cbq(borrow)


#NAT rules
nat on $ext_if from !($ext_if) -> ($ext_if:0)

#redirects
rdr pass on $ext_if proto tcp from any to any port 25 -> $mail port 25 rdr pass on $ext_if proto tcp from any to any port 465 -> $mail port 465 rdr pass on $ext_if proto tcp from any to any port 80 -> $mail port 80 rdr pass on $ext_if proto tcp from any to any port 443 -> $mail port 443 rdr on $ext_if proto tcp from any to any port 1999 \
	-> $tyson port 1999
rdr on $ext_if proto {tcp, udp} from any to any port 6000:6100 \
	-> $tyson port 6000:6100


####################################
#default deny

block in all
pass out all

#packet scrub
match in all scrub (no-df)

#drop all packets from those on the shitlist block in quick on {$ext_if, $int_if} from <blackhole> to any block out quick on {$int_if, $ext_if} from any to <blackhole>

#spoofed address protection
antispoof quick for { lo $int_if }

#pass voip traffic quick
pass in quick log on $ext_if proto {tcp udp} from any to $voip port $voip_ports \
	keep state queue voip_in
pass in quick log on $int_if proto {tcp udp} from $voip port $voip_ports to any \
	keep state queue voip_out

#allow traffic to services on this machine pass in log on $ext_if proto tcp from any to ($ext_if) \
	port $tcp_services keep state
#pass in log on $ext_if proto udp from any to ($ext_if) \
	port $udp_services keep state


#allow traffic to services on tyson's machine pass in log on $ext_if proto tcp from any to $tyson port $tyson_ports keep state pass in log on $int_if proto tcp from any to $tyson port $tyson_ports keep state

#allow all local traffic to leave
pass in on $int_if from any to any
Thanks for your help.
Tyson
Reply With Quote
  #2   (View Single Post)  
Old 11th December 2009
vermaden's Avatar
vermaden vermaden is offline
Administrator
 
Join Date: Apr 2008
Location: pl_PL.lodz
Posts: 1,052
Thanked 118 Times in 93 Posts
Default

@Ernball

Use also [ CODE ] tags for code/commands/config output.
__________________
religions, worst damnation of mankind
"If 386BSD had been available when I started on Linux, Linux would probably never had happened." Linus Torvalds

Linux is not UNIX! Face it! It is not an insult. It is fact: GNU is a recursive acronym for “GNU's Not UNIX”.
vermaden's: links resources deviantart spreadbsd
Reply With Quote
  #3   (View Single Post)  
Old 11th December 2009
roundkat roundkat is offline
Shell Scout
 
Join Date: May 2008
Posts: 107
Thanked 1 Time in 1 Post
Default

@Ernball
Not a BSD solution but something you might check to isolate your problem ..

Some time ago I had an "argument" with my ISP concerning my BW throughput..
and had to "prove it wasn't my equipment"...

One of the steps was to hookup the Windose box directly to my cable modem to "show" the tech that the problem "still existed" and it was NOT my OpenBSD firewall..

I would suggest that you try that..
I used speed tests to check mine and tried to do the tests about the same time every day to
get a "baseline"..


Oh and the ISP gave me 6 months credit on my business account when they finally found out it was "their" problem.. not mine.. My neighbors thanked me for my efforts
The ISP did not listen to them since they are non-technical "residential customers." ....

hth
rk
__________________
All posts sent on ReCycled Electrons...
Reply With Quote
  #4   (View Single Post)  
Old 12th December 2009
Ernball Ernball is offline
New User
 
Join Date: Dec 2009
Posts: 2
Thanked 0 Times in 0 Posts
Default

After more investigation, this appears to be on the ISP side. Thanks for the post.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Cannot connect to IRC (network issues within OBSD?) guitarscn OpenBSD General 10 4th September 2009 12:35 PM
FreeBSD + Disk speed graudeejs FreeBSD Installation and Upgrading 9 19th November 2008 09:33 PM
RAID0 speed? graudeejs FreeBSD General 7 12th November 2008 08:46 PM
Vista network issues behind PF Firewall cerulean Other OS 3 10th November 2008 10:36 PM
Speed of and speeding up sshfs ninjatux FreeBSD General 2 30th July 2008 08:44 PM


All times are GMT. The time now is 02:01 PM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick