DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD General

OpenBSD General Other questions regarding OpenBSD which do not fit in any of the categories below.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 14th December 2009
EverydayDiesel EverydayDiesel is offline
Shell Scout
 
Join Date: Jan 2009
Posts: 102
Thanked 0 Times in 0 Posts
Default Network Speed Issues - Not ISP Related

I had a server crash on me (hdd) fail and I decided it was time to go from my 300mhz pc to a newer more efficient openbsd firewall.
By the recommendations on this site I went with an atom processor supermicro.com/products/motherboard/ATOM/945/X7SLA.cfm?typ=H
I have a single stick of 1gb of ram in the box.

The machine has dual nics built into the motherboard (re0, re1)

I went out and put the latest Amd64 OpenBSD 4.6 on the computer.

When I use the dlink router that my ISP supplied then I get 15mb down.
When I use the following configuration on my bsd box I get a burst of 1mb and an average of 300kb.


the first thing i did was enable ipforwarding
Code:
net.inet.ip.forwarding=1
my /etc/ppp/ppp.conf file contains the following
Code:
    
default:
     set log Phase Chat LCP IPCP CCP tun command
     set timeout 0
     set redial 15 0
     set reconnect 15 10000
     set server /var/run/ppp.sock "" 0177

    pppoe:
     set device "!/usr/sbin/pppoe -i re0"
     set mtu max 1492
     set mru max 1492
     set speed sync
     enable lqr
     disable acfcomp protocomp
     deny acfcomp
     add! default HISADDR
     set authname myusername
     set authkey mypwd

then i edited /etc/rc.local to the following
Code:
/sbin/ifconfig re0 up
/usr/sbin/ppp -ddial pppoe
then i set my pf.conf to allow all in and out going

What am I doing wrong? How can I improve my connection speed?


Any help is greatly appreciated!

Last edited by EverydayDiesel; 14th December 2009 at 04:25 PM.
Reply With Quote
  #2   (View Single Post)  
Old 14th December 2009
EverydayDiesel EverydayDiesel is offline
Shell Scout
 
Join Date: Jan 2009
Posts: 102
Thanked 0 Times in 0 Posts
Default

Does anyone know how I would begin to troubleshoot this?

How can I look at the PPPOE logs?

Am I using the wrong openbsd type (amd64) for this particular box?
Reply With Quote
  #3   (View Single Post)  
Old 14th December 2009
jggimi's Avatar
jggimi jggimi is online now
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 3,611
Thanked 214 Times in 189 Posts
Default

The tcpdump(8) tool can be used to trace packets, but obviously, knowledge of what to examine, and what it means, would be needed. I don't use PPPoE, so cannot help you with it.

You might post to the misc@ mailing list, looking for guidance.
Reply With Quote
  #4   (View Single Post)  
Old 14th December 2009
EverydayDiesel EverydayDiesel is offline
Shell Scout
 
Join Date: Jan 2009
Posts: 102
Thanked 0 Times in 0 Posts
Default

im a windoze developer by trade so im not new to computers. I just dont know OpenBSD as well as I should. Ill review the tcpdump man pages but until then someones gotta have a clue as to what might be causing this problem. There is alot of smart people on this board.
Reply With Quote
  #5   (View Single Post)  
Old 14th December 2009
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 3,135
Thanked 182 Times in 149 Posts
Default

If your D-Link router allows you to add routes to it's routing table, then you could still use that router for speed and the Atom for OpenBSD firewall.

BTW if you just use your Atom board as an router, you better use the OBSD i386 version. That will be faster then amd64.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote
  #6   (View Single Post)  
Old 14th December 2009
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 3,135
Thanked 182 Times in 149 Posts
Default

How are you testing?

On my PII OBSD firewall I get a much lower download speed then on my Athlon 3700+ OBSD system which is behind the PII.

A couple of month my ISP increased my ADSL line from about 3000Kbit/s to 7296.
On my amd64 workstation the download speed only improved after changing net.inet.tcp.recvspace=32768 into net.inet.tcp.recvspace=65535

Please note that increasing the receive space only works for the receiving end, not for a router.

What is the output of ifconfig?
Code:
$ ifconfig re0
re0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        lladdr 00:19:db:47:b0:4c
        groups: egress
        media: Ethernet autoselect (100baseTX full-duplex,rxpause,txpause)
        status: active
        inet 192.168.222.20 netmask 0xffffff00 broadcast 192.168.222.255
        inet6 fe80::219:dbff:fe47:b04c%re0 prefixlen 64 scopeid 0x2
Make sure it runs full-duplex and 100baseTX.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote
  #7   (View Single Post)  
Old 14th December 2009
EverydayDiesel EverydayDiesel is offline
Shell Scout
 
Join Date: Jan 2009
Posts: 102
Thanked 0 Times in 0 Posts
Default

im testing using speedtest.net
test 1 was the dlink router and my laptop == 15mb
test 2 was the openbsd router and my laptop == 300k avg

ifconfig shows im 100 on the internet side and 1000 on the internal network side.


Ive got some pci 3com xl0 and xl1 cards that Im going to load and see if that makes any difference.

Ill also take your suggestion of letting the dlink handle the pppoe authentication and letting openbsds 'internet' side be dhcp and then handle the firewall and route out to the 'network' side

Last edited by EverydayDiesel; 14th December 2009 at 09:12 PM.
Reply With Quote
  #8   (View Single Post)  
Old 14th December 2009
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 3,135
Thanked 182 Times in 149 Posts
Default

Like Jggimi I don't use PPPoE .My ISP uses PPPoA.

I use a Speedtouch router connected to the external NIC of an OBSD firewall.

The home network connects to the internal NIC of the OBSD box. This means that the internal NIC has a different network (192.168.222.x) then the Speedtouch which defaults to 10.x.x.x.
This setup only works if you tell the Speedtouch to route packets for the 192.168.222.x network through the 10.0.0.200 (external NIC OBSD pf box)

Do you have a link to the manual of your D-link router? That way I can check whether you can add static routes to the D-Link router. That way you wouldn't have to mess with the PPPoE stuff.

Or take the issue up with the misc mailing list. Give them a dmesg and your PPPoE config details, and wear your flame resistant suit
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote
  #9   (View Single Post)  
Old 14th December 2009
BSDfan666 BSDfan666 is offline
Real Name: N/A, this is the interweb.
Helpful companion
 
Join Date: Apr 2008
Location: Ontario, Canada
Posts: 2,223
Thanked 193 Times in 184 Posts
Default

Quote:
Originally Posted by J65nko View Post
BTW if you just use your Atom board as an router, you better use the OBSD i386 version. That will be faster then amd64.
Why would i386 be noticeably faster than amd64?
Reply With Quote
Old 14th December 2009
EverydayDiesel EverydayDiesel is offline
Shell Scout
 
Join Date: Jan 2009
Posts: 102
Thanked 0 Times in 0 Posts
Default

how do I get on the misc mailing list...im not familiar with that.

The router I have is old and its discontinued. At one time I could add static routes to it but now the reset button does not work. (I even tried jumping the button and that didtn work either ). This particular router is notorious for having this problem. Im pretty sure I can just use DHCP since its the same subnet.

How can i mount a usb drive to copy the dmesg > boot.txt output?


Thanks again for the help
Reply With Quote
Old 14th December 2009
ocicat ocicat is offline
Administrator
 
Join Date: Apr 2008
Posts: 2,873
Thanked 190 Times in 160 Posts
Default

Quote:
Originally Posted by EverydayDiesel View Post
how do I get on the misc mailing list...
Subscription information can be found at the following:

http://openbsd.org/mail.html

Archives are kept at a number of sites. One of the simpler choices is marc.info
Reply With Quote
Old 14th December 2009
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 3,135
Thanked 182 Times in 149 Posts
Default

Connect your Atom board to the D-Link router (disable the pppoe stuff) and from the command line, download by ftp a big file.

Jot down the speed. Then change the tcp receive speed like in my post and redownload it. See if the download speed approaches the one from your laptop directly connected to the D-link router.

A simple way to download a big file:

Code:
$ ftp -4a ftp://ftp.openbsd.org/pub/OpenBSD/4.6/i386/base46.tgz
Because ftp.openbsd.org can be busy at times, you better select a mirror close by. The file path usually is the same, see http://www.openbsd.org/ftp.html
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote
Old 15th December 2009
There0 There0 is offline
./dev/null
 
Join Date: Jul 2008
Posts: 169
Thanked 10 Times in 10 Posts
Default

@BSDfan666

Quote:
Quote:
Originally Posted by J65nko
BTW if you just use your Atom board as an router, you better use the OBSD i386 version. That will be faster then amd64.

Why would i386 be noticeably faster than amd64?
I too am curious as to why/how, my Atom cpu is only 32bit, i did not even try to install an amd64 version of OpenBSD on it, if it only supports 32bit cpus i could see how, but like i said i did not get to try a 64bit version of anything on it.
__________________
The more you learn, the more you realize how little you know ....
Reply With Quote
Old 15th December 2009
aleunix aleunix is offline
Real Name: Alessandro
Spam Deminer
 
Join Date: May 2008
Location: Italy
Posts: 224
Thanked 3 Times in 3 Posts
Default

Quote:
Originally Posted by EverydayDiesel View Post
How can i mount a usb drive to copy the dmesg > boot.txt output?
External Usb Storage

However if you send at yourself an email using some web mail service (as for example gmail, yahoo mail, etc..) you could avoid to use an usb device.
Reply With Quote
Old 15th December 2009
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 3,135
Thanked 182 Times in 149 Posts
Default

EverydayDiesel,

what are the results of what I proposed in http://www.daemonforums.org/showthre...4090#post28549 ?

RE: mounting USB devices
See http://www.daemonforums.org/showthread.php?t=2232 and http://www.daemonforums.org/showthre...1588#post11400

Or simply mail from the command line:
Code:
$ dmesg | mail -s 'Dmesg' EveryDaySolar@gmail.com
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote
Old 15th December 2009
EverydayDiesel EverydayDiesel is offline
Shell Scout
 
Join Date: Jan 2009
Posts: 102
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by J65nko View Post
EverydayDiesel,

what are the results of what I proposed in http://www.daemonforums.org/showthre...4090#post28549 ?

RE: mounting USB devices
See http://www.daemonforums.org/showthread.php?t=2232 and http://www.daemonforums.org/showthre...1588#post11400

Or simply mail from the command line:
Code:
$ dmesg | mail -s 'Dmesg' EveryDaySolar@gmail.com
im having a hard time getting it to work.

i can ping from re0 to the router but i cannot ping re1 to the laptop.

What am I doing wrong

Code:
/etc/hostname.re0
dhcp
Code:
/etc/hostname.re1
10.0.0.50
Code:
/etc/mygate
10.0.0.1
Code:
/etc/pf.conf
EXT_NIC="re0"
INT_NIC="re1"

nat on $EXT_NIC from $INT_NIC to any -> ($EXT_NIC)

pass in on $INT_NIC from any to any
pass all in on $EXT_NIC from any to any
pass all out on $INT_NIC from any to any
pass all out on $EXT_NIC from any to any

The router is handing out an ip address of 10.0.0.1 to the openbsd server re0.
What do I need to do to make the bsd box route traffic to 10.0.0.50?

Last edited by EverydayDiesel; 15th December 2009 at 08:21 PM.
Reply With Quote
Old 15th December 2009
jggimi's Avatar
jggimi jggimi is online now
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 3,611
Thanked 214 Times in 189 Posts
Default

"allow" is not a valid PF rule. I assume you've been getting PF errors on boot up, but did not notice them.

try:

# pfctl -nf /etc/pf.conf

to see your error(s).

try

# pfctl -s rules

to see what rules are actually in effect.
Reply With Quote
Old 15th December 2009
EverydayDiesel EverydayDiesel is offline
Shell Scout
 
Join Date: Jan 2009
Posts: 102
Thanked 0 Times in 0 Posts
Default

sorry i was using 'pass' instead of allow

i did a pfctl -f /etc/pf.conf and received no errors

Im thinking it has something to do with my NAT statement?
Reply With Quote
Old 15th December 2009
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 3,135
Thanked 182 Times in 149 Posts
Default

Shouldn't a simple
Code:
# dhclient re0
set up the network on the Atom board.?
Then on the Atom use the ftp command I gave for a test download.

Don't use the laptop at all. The whole point of my proposal is to use just the Atom OBSD board behind your D-Link router. That way OBSD doesn't have to do the possible, PPPoE and NAT stuff.
And for this test just trust the D-link firewall and disable pf. Keep things simple
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote
Old 15th December 2009
EverydayDiesel EverydayDiesel is offline
Shell Scout
 
Join Date: Jan 2009
Posts: 102
Thanked 0 Times in 0 Posts
Default

ok ill try that and report back.

I know I can ping the openbsd box to the dlink router and I can ping google.com from the bsd box.

It was more a point of refrence, how do I enable openbsd to NAT packets received on re1 to re0 so I can do things like ping google.com
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Network Speed Issues Ernball OpenBSD General 3 12th December 2009 07:27 PM
Cannot connect to IRC (network issues within OBSD?) guitarscn OpenBSD General 10 4th September 2009 12:35 PM
Vista network issues behind PF Firewall cerulean Other OS 3 10th November 2008 10:36 PM
Yahoo! related Pidgin problems... BSDfan666 General software and network 10 28th September 2008 02:39 AM
OpenBSD-related websites bienc OpenBSD General 7 12th May 2008 09:15 PM


All times are GMT. The time now is 07:04 PM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick