[ previous ] [ next ] [ threads ]
 
 From:  Paul Taylor <PaulTaylor at winn dash dixie dot com>
 To:  Jeroen Visser <monowall at forty dash two dot nl>, m0n0wall at lists dot m0n0 dot ch
 Subject:  RE: [m0n0wall] m0n0wall throughput is awful.
 Date:  Wed, 28 Sep 2005 08:10:38 -0400 
Jeroen,

	I have also noticed that throughput isn't as good as I would expect.
With the latest 1.2 beta on my net4801, I'm only seeing 18 Mbps from
interface to interface...  I measured this by watching the traffic graph as
I performed a copy of some large files this past weekend.  

I believe a similar test that I used with version 1.11 I got about 33 Mbps
on the same hardware..  I don't know how much the rules have changed since
then, but the way I understand ipf, it doesn't check every single packet
against each rule, but just the first packet for a conversation.  Since
subsequent packets are part of an existing allowed conversation, I believe
they are allowed through without going down the entire rule list.   (Someone
please correct me if I'm wrong on this)

Paul

-----Original Message-----
From: Jeroen Visser [mailto:monowall at forty dash two dot nl] 
Sent: Wednesday, September 28, 2005 7:52 AM
To: m0n0wall at lists dot m0n0 dot ch
Subject: [m0n0wall] m0n0wall throughput is awful.

Hi List,

To be blunt, here's my problem.
I've got two m0n0walls connected to eachother with a crosscable and use them
to
connect different subnets.

The througput on the first one, subnet to subnet over two interfaces in the
same
machine is little more than 40 mbps (iperf tested), which is what I would
expect,
I think, since the m0n0wall firewall rules have to be parsed.

The weird thing now is when I run an iperf test on two subnets, through TWO
m0n0walls I only get a measly 8 mbit out of it. The machines are both new,
out of
the box, with Intel Pro 100 cards. 1500 Mhz and 512 MB of ram. Should be
enough.
Tried to connect with other spare Intel cards which are in the machine, to
no
avail.... So a nic faillure seems unlikely. PCI bus speed might be a
problem, I've
not tried that.

Another test on the second m0n0wall from nic to nic on the same machine,
give's me
a thoughput of 11 mbit... strangely low.

I changed the loader.rc on the CF card from which these machines boot and
added a
set kern.ipc.nmbclusters=32768. 512 MB ram would give me enough spare memory
for
this..... to no avail again....

Has anyone had any experience with such issues ?
Can anyone give me a hint to try something, preferrably without booting ;-),
to
boost the performance, before I call my hardware supllier and return the
second
machine.... ?


--
Regards,
Jeroen Visser.

---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch