DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD Security

OpenBSD Security Functionally paranoid!

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 21st October 2011
majkelos majkelos is offline
Port Guard
 
Join Date: Sep 2010
Posts: 23
Thanked 0 Times in 0 Posts
Default strange behavior of PF

Hi

Since few days somethings is wrong with my OpenBSD (4.8) router doing NAT and QoS (HFSC). I didnt make anything, such as installing, upgrading or changing pf.conf. Every user in network should has up to 4 mbits/s, but only what he can achieve is only 1mbit/s max. Whole bandwidth has 64/8Mb. Queues are not dropping packets. Traffic from www server to lan hosts is attached to 50mb queue but i cannot achieve even 90KB/s.. I also tested the lan device..

Code:
# pfctl -sm                                                                    
states        hard limit    30000
src-nodes     hard limit    10000
frags         hard limit     5000
tables        hard limit     1000
table-entries hard limit   200000
Code:
# pfctl -ss | wc -l                                                                                                                                         
   10739
Interrupts: 11.2%

Any ideas what could cause this behavior ?
Reply With Quote
  #2   (View Single Post)  
Old 21st October 2011
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 3,135
Thanked 182 Times in 149 Posts
Default

Does the output of netstat -in or netstat -ss give any clue?
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote
  #3   (View Single Post)  
Old 23rd October 2011
majkelos majkelos is offline
Port Guard
 
Join Date: Sep 2010
Posts: 23
Thanked 0 Times in 0 Posts
Default

Thanks for interest. Someone from company had reset procurve 2524 switch to default settings, and i have to set auto negotiation of ports speed. One thing that i dont understand how in local traffic i could achieve speeds about 4MB/s. Now everything is ok, it was not bsd fault

Thanks!
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Strange lib problem mururoa FreeBSD General 3 1st August 2009 07:34 AM
PF: strange port 21 iwi OpenBSD Security 3 25th November 2008 02:21 PM
Terminal display behavior 18Googol2 FreeBSD General 8 26th September 2008 02:05 PM
Strange network behavior Weaseal Off-Topic 4 27th May 2008 05:34 PM
strange with dvd+rw-format cyberboy FreeBSD General 0 26th May 2008 05:43 PM


All times are GMT. The time now is 02:55 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick