From mboxrd@z Thu Jan 1 00:00:00 1970 From: Matthias Fischer To: development@lists.ipfire.org Subject: Re: Problems with "Enable some performance tuning" => extremly slow downloads Date: Thu, 21 Feb 2019 16:41:43 +0100 Message-ID: In-Reply-To: MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============1837218092776346413==" List-Id: --===============1837218092776346413== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Hi, On 21.02.2019 10:33, Michael Tremer wrote: > On 21 Feb 2019, at 00:36, Matthias Fischer = wrote: >> On 20.02.2019 16:40, Michael Tremer wrote: >>> Interesting=E2=80=A6 These settings shouldn=E2=80=99t have any impact on = any connections going through the firewall. >> ... >>> Can you narrow it down to one specific setting of these by disabling one = by one? >> Right now: definitely NO. Its "under investigation". >>=20 >> Best, >> Matthias >>=20 >> P.S.: Oh my - it was too late for something like this - just saw it: the >> machine needs a reboot to really get rid of the tuned parameters, right!? >=20 > No you can set these without a reboot... It was a bit too late/early in the morning - I overlooked the defaults. Current results: No problems with DoT and: vm.swappiness =3D 1 net.ipv4.tcp_fastopen =3D 3 Testing takes a while because this "degrading" happens without prior notice and you don't notice it during normal surfing, only while downloading. Best, Matthias >=20 >>=20 >>> -Michael >>>=20 >>>> On 20 Feb 2019, at 10:18, Matthias Fischer wrote: >>>>=20 >>>> Hi, >>>>=20 >>>> being curious, I tested commit >>>> https://git.ipfire.org/?p=3Dipfire-2.x.git;a=3Dcommit;h=3Dd03916e55851a2= 43594ebf6f0c20c8f6d9092277 >>>> on my Core 127 / 32bit IPFire. >>>>=20 >>>> At first I didn't notice any differences, system was running as usual. >>>> No important performance impact or change. >>>>=20 >>>> But yesterday, while starting some bigger downloads and closely >>>> watching, I noticed that everytime someone started to download a >>>> somewhat bigger file, e.g. 250-800 MB, downloading rates went down to a >>>> crawl. Some downloads even aborted and nearly all where amazingly slow >>>> (~150KB/s, normal: ~6.5 MB/s). >>>>=20 >>>> Restarting our Fritzbox and IPFire itself didn't help, all downloads >>>> stayed that way. >>>>=20 >>>> After reverting the above commit in '/etc/sysctl.conf' and running >>>> 'sysctl -p', system is running at full speed again: VDSL, 50Mbit down / >>>> 10Mbit up. >>>>=20 >>>> Configuration: >>>> Duo Box with Core 127/32bit. Running 'privoxy 3.0.28', 'squid 4.6' >>>> (non-transparent, 512 MB RAM only), 'squidguard 1.5 beta', >>>> 'squidclamav', 'snort / guardian', 'unbound 1.9.0' with DoT/TFO. >>>>=20 >>>> Could someone please test and confirm (or not ;-) ). >>>>=20 >>>> Best, >>>> Matthias >>>=20 >>>=20 >>=20 >=20 >=20 --===============1837218092776346413==--