Date: Mon, 21 Feb 2000 18:47:27 -0700 From: Warner Losh <imp@village.org> To: "D VAN" <david@campsbay.za.net> Cc: stable@FreeBSD.ORG Subject: Re: strange kernel logs ? Message-ID: <200002220147.SAA24449@harmony.village.org> In-Reply-To: Your message of "Sun, 20 Feb 2000 14:45:45 %2B0200." <000f01bf7ba0$6a62d8f0$0201a8c0@DAVID> References: <000f01bf7ba0$6a62d8f0$0201a8c0@DAVID>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <000f01bf7ba0$6a62d8f0$0201a8c0@DAVID> "D VAN" writes: : Feb 20 04:59:25 NYC /kernel: icmp-response bandwidth limit 152/100 pps : Feb 20 04:59:26 NYC /kernel: icmp-response bandwidth limit 114/100 pps : Feb 20 04:59:27 NYC /kernel: icmp-response bandwidth limit 149/100 pps : Feb 20 04:59:28 NYC /kernel: icmp-response bandwidth limit 131/100 pps : Feb 20 04:59:29 NYC /kernel: icmp-response bandwidth limit 136/100 pps : : : Anyone know how to fix this and what is causing it ? Yes. There are more than 100 packets per second being sent out as ICMP or RST. Since these limits are in place to help with flooding. : Also why is this happening only now since ive installed named ? You are handling lots of lookups and there are lots of timeouts happening which means that the udp sockets won't have something listening to it when the response come back, which generates a ICMP port unreachables. Fortunately, it is relatively easy to fix. sysctl -w net.inet.icmp.icmplim=200 which will still give you the flood protection w/o impacting your normal operations. Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200002220147.SAA24449>