|
||||||||
On 9/28/05, Jeroen Visser <monowall at forty dash two dot nl> wrote: > Hi List, > > To be blunt, here's my problem. > I've got two m0n0walls connected to eachother with a crosscable and use them to > connect different subnets. > > The througput on the first one, subnet to subnet over two interfaces in the same > machine is little more than 40 mbps (iperf tested), which is what I would expect, > I think, since the m0n0wall firewall rules have to be parsed. > With two fxp cards on a 1.5 GHz machine? No way, that's not normal. a WRAP or 4801, which have worse NIC's and only 266 MHz procs can push a little more than that. > The weird thing now is when I run an iperf test on two subnets, through TWO > m0n0walls I only get a measly 8 mbit out of it. The machines are both new, out of > the box, with Intel Pro 100 cards. 1500 Mhz and 512 MB of ram. Should be enough. should be enough for wire speed. For performance problems, my first guess is always duplex mismatch when all else looks fine. Under Status->Interfaces, do both show 100/full? > > I changed the loader.rc on the CF card from which these machines boot and added a > set kern.ipc.nmbclusters=32768. 512 MB ram would give me enough spare memory for > this..... to no avail again.... > this won't do anything unless you have enough active connections to actually need that much, which you won't even come close to the default with iperf tests. -Chris |