From owner-freebsd-performance@FreeBSD.ORG  Fri Feb  6 15:14:34 2009
Return-Path: <owner-freebsd-performance@FreeBSD.ORG>
Delivered-To: freebsd-performance@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id F11901065692
	for <freebsd-performance@freebsd.org>;
	Fri,  6 Feb 2009 15:14:34 +0000 (UTC)
	(envelope-from alexdehaini@gmail.com)
Received: from yw-out-2324.google.com (yw-out-2324.google.com [74.125.46.31])
	by mx1.freebsd.org (Postfix) with ESMTP id AE2568FC0C
	for <freebsd-performance@freebsd.org>;
	Fri,  6 Feb 2009 15:14:34 +0000 (UTC)
	(envelope-from alexdehaini@gmail.com)
Received: by yw-out-2324.google.com with SMTP id 2so19664ywt.13
	for <freebsd-performance@freebsd.org>;
	Fri, 06 Feb 2009 07:14:33 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
	h=domainkey-signature:mime-version:received:date:message-id:subject
	:from:to:content-type;
	bh=NlJd6/N0v27y8nZsuH9f87jz5H8zu5EsfUP0Y9FqJos=;
	b=odiN4PKu274yzqmO+WGgEWOlB2CqWXKIXziQPAn4OTgefRaPZ+UND4HQucWUEBPtqz
	iymQEQFuPWc6AV8r3VKbIRuEj5wpgh7NIMjT1jLqEuAHVmRr0cBc8pDkVVWlWi8DJo63
	KAhh9TD6pTwo6YSt3exP9zvbpu/VID++3kwkk=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma;
	h=mime-version:date:message-id:subject:from:to:content-type;
	b=Z5TODmi79vw5+hsySlo4jtzpg/w9+OTwklqblIdypzG4TySsAdLmjR2x/63kSEeOr8
	mF6mS8RkACiWIJGdUIZ2oJgmlFkSfmnAjHBgujwugWYtU5d45AVN791z3rfTZu0rOaOG
	U5IcAB1QgNlmLo/mVX4+smw/yvn8YXtPKZ1zs=
MIME-Version: 1.0
Received: by 10.65.151.17 with SMTP id d17mr1440307qbo.105.1233931468206; Fri, 
	06 Feb 2009 06:44:28 -0800 (PST)
Date: Fri, 6 Feb 2009 14:44:28 +0000
Message-ID: <4b008f7d0902060644o62a3942lf63ff6689c3b4d94@mail.gmail.com>
From: Alex Dehaini <alexdehaini@gmail.com>
To: freebsd-performance@freebsd.org
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
X-Content-Filtered-By: Mailman/MimeDel 2.1.5
Subject: Limiting open port RST response from 247 to 200 packets per second
X-BeenThere: freebsd-performance@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Performance/tuning <freebsd-performance.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-performance>,
	<mailto:freebsd-performance-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-performance>
List-Post: <mailto:freebsd-performance@freebsd.org>
List-Help: <mailto:freebsd-performance-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-performance>,
	<mailto:freebsd-performance-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Feb 2009 15:14:35 -0000

Hi Guys,

I have some issues with Squid on Freebsd. I am running FreeBSD release 4.9
and Squid version 2.5.

I have setup FreeBSD as a bridge so that all traffic from my network can
transparently pass through the FreeBSD server. I am running Squid on the
same server and I created an ipfw rule to redirect port 80 to port 3128.

Normally, when Squid is not started - we see traffic close to 30MB flowing
through the server. Immediately I start squid, the traffic drops to half and
sometimes lower and stays there. When this happens, I have a lot of clients
that will call and complain they can't access the Internet. At the same
time, I get these log messages

*Feb  5 20:39:44 myserver /kernel: Limiting open port RST response from 247
to 200 packets per second
Feb  5 20:39:44 myserver /kernel: Limiting open port RST response from 247
to 200 packets per second
Feb  5 20:39:45 myserver /kernel: Limiting open port RST response from 239
to 200 packets per second
Feb  5 20:39:45 myserver /kernel: Limiting open port RST response from 239
to 200 packets per second
Feb  5 20:39:46 myserver /kernel: Limiting open port RST response from 273
to 200 packets per second
Feb  5 20:39:46 myserver /kernel: Limiting open port RST response from 273
to 200 packets per second
Feb  5 20:39:47 myserver /kernel: Limiting open port RST response from 228
to 200 packets per second
Feb  5 20:39:47 myserver /kernel: Limiting open port RST response from 228
to 200 packets per second
Feb  5 20:39:48 myserver /kernel: Limiting open port RST response from 225
to 200 packets per second
Feb  5 20:39:48 myserver /kernel: Limiting open port RST response from 225
to 200 packets per second
Feb  5 20:39:49 myserver /kernel: Limiting open port RST response from 244
to 200 packets per second
Feb  5 20:39:49 myserver /kernel: Limiting open port RST response from 244
to 200 packets per second
Feb  5 20:39:50 myserver /kernel: Limiting open port RST response from 259
to 200 packets per second
Feb  5 20:39:50 myserver /kernel: Limiting open port RST response from 259
to 200 packets per second
Feb  5 20:39:51 myserver /kernel: Limiting open port RST response from 234
to 200 packets per second
Feb  5 20:39:51 myserver /kernel: Limiting open port RST response from 234
to 200 packets per second
Feb  5 20:39:52 myserver /kernel: Limiting open port RST response from 243
to 200 packets per second
Feb  5 20:39:52 myserver /kernel: Limiting open port RST response from 243
to 200 packets per second
Feb  5 20:39:53 myserver /kernel: Limiting open port RST response from 218
to 200 packets per second
Feb  5 20:39:53 myserver /kernel: Limiting open port RST response from 218
to 200 packets per second
Feb  5 20:39:55 myserver /kernel: Limiting open port RST response from 233
to 200 packets per second
Feb  5 20:39:55 myserver /kernel: Limiting open port RST response from 233
to 200 packets per second
Feb  5 20:39:56 myserver /kernel: Limiting open port RST response from 241
to 200 packets per second
Feb  5 20:39:56 myserver /kernel: Limiting open port RST response from 241
to 200 packets per second
Feb  5 20:39:57 myserver /kernel: Limiting open port RST response from 220
to 200 packets per second
Feb  5 20:39:57 myserver /kernel: Limiting open port RST response from 220
to 200 packets per second
Feb  5 20:39:58 myserver /kernel: Limiting open port RST response from 206
to 200 packets per second
Feb  5 20:39:58 myserver /kernel: Limiting open port RST response from 206
to 200 packets per second
Feb  5 20:40:01 myserver /kernel: Limiting open port RST response from 223
to 200 packets per second
Feb  5 20:40:01 myserver /kernel: Limiting open port RST response from 223
to 200 packets per second*

When I stop Squid, everything returns to normal. Any idea what is causing
this. I will appreciate any help.

Thanks

-- 
Alex Dehaini
Developer
Site - www.alexdehaini.com
Email - alexdehaini@gmail.com

From owner-freebsd-performance@FreeBSD.ORG  Fri Feb  6 15:24:54 2009
Return-Path: <owner-freebsd-performance@FreeBSD.ORG>
Delivered-To: freebsd-performance@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 4DCDA1065763
	for <freebsd-performance@freebsd.org>;
	Fri,  6 Feb 2009 15:24:54 +0000 (UTC)
	(envelope-from alexdehaini@gmail.com)
Received: from yx-out-2324.google.com (yx-out-2324.google.com [74.125.44.29])
	by mx1.freebsd.org (Postfix) with ESMTP id EF4B28FC20
	for <freebsd-performance@freebsd.org>;
	Fri,  6 Feb 2009 15:24:53 +0000 (UTC)
	(envelope-from alexdehaini@gmail.com)
Received: by yx-out-2324.google.com with SMTP id 8so387271yxb.13
	for <freebsd-performance@freebsd.org>;
	Fri, 06 Feb 2009 07:24:53 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
	h=domainkey-signature:mime-version:received:in-reply-to:references
	:date:message-id:subject:from:to:cc:content-type;
	bh=aNQGnfnJb6e8ITfXgoVd0FJMqmTr7XZrGwt+Qej8AJw=;
	b=UKL0lrrXcqYu+OhqGb8a1JpN146f0S5hpnoCXmEcVKjzq42+3C6Veo58JKgfs1OOyM
	1XTBNOvPVGBTtqJQeJ5d6CQRVAtLZfWXsNUEzRqNXIYOlxT5KNCWZ1/c/hGNTI0vkJHA
	i6SqbT9egcMp01mcEddJ4kyTPde3I0Az+CuV0=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma;
	h=mime-version:in-reply-to:references:date:message-id:subject:from:to
	:cc:content-type;
	b=vLO309iMLAGClFNForUgLoYLlaAT5ydf4l2ql/XRpHBCqhXqgUtfGMhyQhEQ6jblxh
	otzMoObFabEhQ77n3jNTsfINaLjwFUbnN1e86Uhpck730NyR80sUSZkm3yS/fUcc5eCY
	725bBtamNTAzNVKyT5ePjKDnadQPz2vrZ16PE=
MIME-Version: 1.0
Received: by 10.64.142.5 with SMTP id p5mr1438397qbd.136.1233933892477; Fri, 
	06 Feb 2009 07:24:52 -0800 (PST)
In-Reply-To: <b8592ed80902060719y3be85e43q9ef200477735d1e2@mail.gmail.com>
References: <4b008f7d0902060644o62a3942lf63ff6689c3b4d94@mail.gmail.com>
	<b8592ed80902060719y3be85e43q9ef200477735d1e2@mail.gmail.com>
Date: Fri, 6 Feb 2009 15:24:52 +0000
Message-ID: <4b008f7d0902060724o6817f822ufb3ce8a8f9060fa8@mail.gmail.com>
From: Alex Dehaini <alexdehaini@gmail.com>
To: =?ISO-8859-1?Q?Istv=E1n_Szuk=E1cs?= <leccine@gmail.com>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
X-Content-Filtered-By: Mailman/MimeDel 2.1.5
Cc: freebsd-performance@freebsd.org
Subject: Re: Limiting open port RST response from 247 to 200 packets per 
	second
X-BeenThere: freebsd-performance@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Performance/tuning <freebsd-performance.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-performance>,
	<mailto:freebsd-performance-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-performance>
List-Post: <mailto:freebsd-performance@freebsd.org>
List-Help: <mailto:freebsd-performance-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-performance>,
	<mailto:freebsd-performance-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Feb 2009 15:24:55 -0000

I increased net.inet.icmp.icmplim to 2000 but this does not make any change=
.
Here is my output

myserver# sysctl -a | grep net.inet.icmp.icmplim
net.inet.icmp.icmplim: 2000
net.inet.icmp.icmplim_output: 1

After increasing inet.icmp.icmplim to 2000 and startign Squid, I don't get
the errors below

Feb  5 20:39:44 myserver /kernel: Limiting open port RST response from 247
to 200 packets per second
Feb  5 20:39:44 myserver /kernel: Limiting open port RST response from 247
to 200 packets per second
Feb  5 20:39:45 myserver /kernel: Limiting open port RST response from 239
to 200 packets per second

But traffic still drops.

Alex


On Fri, Feb 6, 2009 at 3:19 PM, Istv=E1n Szuk=E1cs <leccine@gmail.com> wrot=
e:

> Hi!
>
>
> lix@test:~$sysctl -a | grep net.inet.icmp.icmplim
> net.inet.icmp.icmplim: 200
> net.inet.icmp.icmplim_output: 1
>
>
> Regards,
> Istvan
>
> On Fri, Feb 6, 2009 at 2:44 PM, Alex Dehaini <alexdehaini@gmail.com>wrote=
:
>
>> Hi Guys,
>>
>> I have some issues with Squid on Freebsd. I am running FreeBSD release 4=
.9
>> and Squid version 2.5.
>>
>> I have setup FreeBSD as a bridge so that all traffic from my network can
>> transparently pass through the FreeBSD server. I am running Squid on the
>> same server and I created an ipfw rule to redirect port 80 to port 3128.
>>
>> Normally, when Squid is not started - we see traffic close to 30MB flowi=
ng
>> through the server. Immediately I start squid, the traffic drops to half
>> and
>> sometimes lower and stays there. When this happens, I have a lot of
>> clients
>> that will call and complain they can't access the Internet. At the same
>> time, I get these log messages
>>
>> *Feb  5 20:39:44 myserver /kernel: Limiting open port RST response from
>> 247
>> to 200 packets per second
>> Feb  5 20:39:44 myserver /kernel: Limiting open port RST response from 2=
47
>> to 200 packets per second
>> Feb  5 20:39:45 myserver /kernel: Limiting open port RST response from 2=
39
>> to 200 packets per second
>> Feb  5 20:39:45 myserver /kernel: Limiting open port RST response from 2=
39
>> to 200 packets per second
>> Feb  5 20:39:46 myserver /kernel: Limiting open port RST response from 2=
73
>> to 200 packets per second
>> Feb  5 20:39:46 myserver /kernel: Limiting open port RST response from 2=
73
>> to 200 packets per second
>> Feb  5 20:39:47 myserver /kernel: Limiting open port RST response from 2=
28
>> to 200 packets per second
>> Feb  5 20:39:47 myserver /kernel: Limiting open port RST response from 2=
28
>> to 200 packets per second
>> Feb  5 20:39:48 myserver /kernel: Limiting open port RST response from 2=
25
>> to 200 packets per second
>> Feb  5 20:39:48 myserver /kernel: Limiting open port RST response from 2=
25
>> to 200 packets per second
>> Feb  5 20:39:49 myserver /kernel: Limiting open port RST response from 2=
44
>> to 200 packets per second
>> Feb  5 20:39:49 myserver /kernel: Limiting open port RST response from 2=
44
>> to 200 packets per second
>> Feb  5 20:39:50 myserver /kernel: Limiting open port RST response from 2=
59
>> to 200 packets per second
>> Feb  5 20:39:50 myserver /kernel: Limiting open port RST response from 2=
59
>> to 200 packets per second
>> Feb  5 20:39:51 myserver /kernel: Limiting open port RST response from 2=
34
>> to 200 packets per second
>> Feb  5 20:39:51 myserver /kernel: Limiting open port RST response from 2=
34
>> to 200 packets per second
>> Feb  5 20:39:52 myserver /kernel: Limiting open port RST response from 2=
43
>> to 200 packets per second
>> Feb  5 20:39:52 myserver /kernel: Limiting open port RST response from 2=
43
>> to 200 packets per second
>> Feb  5 20:39:53 myserver /kernel: Limiting open port RST response from 2=
18
>> to 200 packets per second
>> Feb  5 20:39:53 myserver /kernel: Limiting open port RST response from 2=
18
>> to 200 packets per second
>> Feb  5 20:39:55 myserver /kernel: Limiting open port RST response from 2=
33
>> to 200 packets per second
>> Feb  5 20:39:55 myserver /kernel: Limiting open port RST response from 2=
33
>> to 200 packets per second
>> Feb  5 20:39:56 myserver /kernel: Limiting open port RST response from 2=
41
>> to 200 packets per second
>> Feb  5 20:39:56 myserver /kernel: Limiting open port RST response from 2=
41
>> to 200 packets per second
>> Feb  5 20:39:57 myserver /kernel: Limiting open port RST response from 2=
20
>> to 200 packets per second
>> Feb  5 20:39:57 myserver /kernel: Limiting open port RST response from 2=
20
>> to 200 packets per second
>> Feb  5 20:39:58 myserver /kernel: Limiting open port RST response from 2=
06
>> to 200 packets per second
>> Feb  5 20:39:58 myserver /kernel: Limiting open port RST response from 2=
06
>> to 200 packets per second
>> Feb  5 20:40:01 myserver /kernel: Limiting open port RST response from 2=
23
>> to 200 packets per second
>> Feb  5 20:40:01 myserver /kernel: Limiting open port RST response from 2=
23
>> to 200 packets per second*
>>
>> When I stop Squid, everything returns to normal. Any idea what is causin=
g
>> this. I will appreciate any help.
>>
>> Thanks
>>
>> --
>> Alex Dehaini
>> Developer
>> Site - www.alexdehaini.com
>> Email - alexdehaini@gmail.com
>> _______________________________________________
>> freebsd-performance@freebsd.org mailing list
>> http://lists.freebsd.org/mailman/listinfo/freebsd-performance
>> To unsubscribe, send any mail to "
>> freebsd-performance-unsubscribe@freebsd.org"
>>
>
>
>
> --
> the sun shines for all
>



--=20
Alex Dehaini
Developer
Site - www.alexdehaini.com
Email - alexdehaini@gmail.com

From owner-freebsd-performance@FreeBSD.ORG  Fri Feb  6 15:41:29 2009
Return-Path: <owner-freebsd-performance@FreeBSD.ORG>
Delivered-To: freebsd-performance@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id DC310106566C
	for <freebsd-performance@freebsd.org>;
	Fri,  6 Feb 2009 15:41:28 +0000 (UTC)
	(envelope-from leccine@gmail.com)
Received: from mail-ew0-f21.google.com (mail-ew0-f21.google.com
	[209.85.219.21])
	by mx1.freebsd.org (Postfix) with ESMTP id 36F7C8FC13
	for <freebsd-performance@freebsd.org>;
	Fri,  6 Feb 2009 15:41:27 +0000 (UTC)
	(envelope-from leccine@gmail.com)
Received: by ewy14 with SMTP id 14so1652732ewy.19
	for <freebsd-performance@freebsd.org>;
	Fri, 06 Feb 2009 07:41:27 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
	h=domainkey-signature:mime-version:received:in-reply-to:references
	:date:message-id:subject:from:to:cc:content-type;
	bh=Et8c78T2c0Y+V7F49gtKNz+ozqVHHoz/Of/Aax7lVik=;
	b=mUQuYXfB/x3u3oWSKe66mSsW26qa/QANSspeWXQaL30fyDr3G95y5OWIEeknL0Fm3f
	8sfW8JaWdy5E0oApkVjpC9XDMyeie4vySvnP25UQeFG1AowjVVQquvmc8Qyj5JeI7WDW
	mtCnWs7dpy2KrRaehKMmRt4Po+JOVRE8adKVs=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma;
	h=mime-version:in-reply-to:references:date:message-id:subject:from:to
	:cc:content-type;
	b=DXIkq0wsLVVbQkj5Pm9xKJx0HWafQ3fi3ru+CJW5S/8QywHzOlCO4Nh9oWK0gAN6LI
	88SLSqP6z1etG30SPBttgT63+fZpSLaHKdNJA/AG/D5PaLYQKTt+YkVtb14/qN29dISR
	ns8T+QaAOFHj4PN7oIFSBtYx3cY5jsdlLupPU=
MIME-Version: 1.0
Received: by 10.210.58.17 with SMTP id g17mr1374961eba.149.1233933540960; Fri, 
	06 Feb 2009 07:19:00 -0800 (PST)
In-Reply-To: <4b008f7d0902060644o62a3942lf63ff6689c3b4d94@mail.gmail.com>
References: <4b008f7d0902060644o62a3942lf63ff6689c3b4d94@mail.gmail.com>
Date: Fri, 6 Feb 2009 15:19:00 +0000
Message-ID: <b8592ed80902060719y3be85e43q9ef200477735d1e2@mail.gmail.com>
From: =?ISO-8859-1?Q?Istv=E1n_Szuk=E1cs?= <leccine@gmail.com>
To: Alex Dehaini <alexdehaini@gmail.com>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
X-Content-Filtered-By: Mailman/MimeDel 2.1.5
Cc: freebsd-performance@freebsd.org
Subject: Re: Limiting open port RST response from 247 to 200 packets per 
	second
X-BeenThere: freebsd-performance@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Performance/tuning <freebsd-performance.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-performance>,
	<mailto:freebsd-performance-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-performance>
List-Post: <mailto:freebsd-performance@freebsd.org>
List-Help: <mailto:freebsd-performance-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-performance>,
	<mailto:freebsd-performance-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Feb 2009 15:41:29 -0000

Hi!


lix@test:~$sysctl -a | grep net.inet.icmp.icmplim
net.inet.icmp.icmplim: 200
net.inet.icmp.icmplim_output: 1


Regards,
Istvan

On Fri, Feb 6, 2009 at 2:44 PM, Alex Dehaini <alexdehaini@gmail.com> wrote:

> Hi Guys,
>
> I have some issues with Squid on Freebsd. I am running FreeBSD release 4.9
> and Squid version 2.5.
>
> I have setup FreeBSD as a bridge so that all traffic from my network can
> transparently pass through the FreeBSD server. I am running Squid on the
> same server and I created an ipfw rule to redirect port 80 to port 3128.
>
> Normally, when Squid is not started - we see traffic close to 30MB flowing
> through the server. Immediately I start squid, the traffic drops to half
> and
> sometimes lower and stays there. When this happens, I have a lot of clients
> that will call and complain they can't access the Internet. At the same
> time, I get these log messages
>
> *Feb  5 20:39:44 myserver /kernel: Limiting open port RST response from 247
> to 200 packets per second
> Feb  5 20:39:44 myserver /kernel: Limiting open port RST response from 247
> to 200 packets per second
> Feb  5 20:39:45 myserver /kernel: Limiting open port RST response from 239
> to 200 packets per second
> Feb  5 20:39:45 myserver /kernel: Limiting open port RST response from 239
> to 200 packets per second
> Feb  5 20:39:46 myserver /kernel: Limiting open port RST response from 273
> to 200 packets per second
> Feb  5 20:39:46 myserver /kernel: Limiting open port RST response from 273
> to 200 packets per second
> Feb  5 20:39:47 myserver /kernel: Limiting open port RST response from 228
> to 200 packets per second
> Feb  5 20:39:47 myserver /kernel: Limiting open port RST response from 228
> to 200 packets per second
> Feb  5 20:39:48 myserver /kernel: Limiting open port RST response from 225
> to 200 packets per second
> Feb  5 20:39:48 myserver /kernel: Limiting open port RST response from 225
> to 200 packets per second
> Feb  5 20:39:49 myserver /kernel: Limiting open port RST response from 244
> to 200 packets per second
> Feb  5 20:39:49 myserver /kernel: Limiting open port RST response from 244
> to 200 packets per second
> Feb  5 20:39:50 myserver /kernel: Limiting open port RST response from 259
> to 200 packets per second
> Feb  5 20:39:50 myserver /kernel: Limiting open port RST response from 259
> to 200 packets per second
> Feb  5 20:39:51 myserver /kernel: Limiting open port RST response from 234
> to 200 packets per second
> Feb  5 20:39:51 myserver /kernel: Limiting open port RST response from 234
> to 200 packets per second
> Feb  5 20:39:52 myserver /kernel: Limiting open port RST response from 243
> to 200 packets per second
> Feb  5 20:39:52 myserver /kernel: Limiting open port RST response from 243
> to 200 packets per second
> Feb  5 20:39:53 myserver /kernel: Limiting open port RST response from 218
> to 200 packets per second
> Feb  5 20:39:53 myserver /kernel: Limiting open port RST response from 218
> to 200 packets per second
> Feb  5 20:39:55 myserver /kernel: Limiting open port RST response from 233
> to 200 packets per second
> Feb  5 20:39:55 myserver /kernel: Limiting open port RST response from 233
> to 200 packets per second
> Feb  5 20:39:56 myserver /kernel: Limiting open port RST response from 241
> to 200 packets per second
> Feb  5 20:39:56 myserver /kernel: Limiting open port RST response from 241
> to 200 packets per second
> Feb  5 20:39:57 myserver /kernel: Limiting open port RST response from 220
> to 200 packets per second
> Feb  5 20:39:57 myserver /kernel: Limiting open port RST response from 220
> to 200 packets per second
> Feb  5 20:39:58 myserver /kernel: Limiting open port RST response from 206
> to 200 packets per second
> Feb  5 20:39:58 myserver /kernel: Limiting open port RST response from 206
> to 200 packets per second
> Feb  5 20:40:01 myserver /kernel: Limiting open port RST response from 223
> to 200 packets per second
> Feb  5 20:40:01 myserver /kernel: Limiting open port RST response from 223
> to 200 packets per second*
>
> When I stop Squid, everything returns to normal. Any idea what is causing
> this. I will appreciate any help.
>
> Thanks
>
> --
> Alex Dehaini
> Developer
> Site - www.alexdehaini.com
> Email - alexdehaini@gmail.com
> _______________________________________________
> freebsd-performance@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-performance
> To unsubscribe, send any mail to "
> freebsd-performance-unsubscribe@freebsd.org"
>



-- 
the sun shines for all

From owner-freebsd-performance@FreeBSD.ORG  Fri Feb  6 18:19:23 2009
Return-Path: <owner-freebsd-performance@FreeBSD.ORG>
Delivered-To: freebsd-performance@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id AF8A8106566B
	for <freebsd-performance@freebsd.org>;
	Fri,  6 Feb 2009 18:19:23 +0000 (UTC)
	(envelope-from alexdehaini@gmail.com)
Received: from yx-out-2324.google.com (yx-out-2324.google.com [74.125.44.28])
	by mx1.freebsd.org (Postfix) with ESMTP id 51C1F8FC1D
	for <freebsd-performance@freebsd.org>;
	Fri,  6 Feb 2009 18:19:23 +0000 (UTC)
	(envelope-from alexdehaini@gmail.com)
Received: by yx-out-2324.google.com with SMTP id 8so428263yxb.13
	for <freebsd-performance@freebsd.org>;
	Fri, 06 Feb 2009 10:19:22 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
	h=domainkey-signature:mime-version:received:in-reply-to:references
	:date:message-id:subject:from:to:cc:content-type;
	bh=333/ecQk0Lt7AJTgnYUJEgZ+XblCHU5+9l3Ay7eVovo=;
	b=ms7MYVWXUada/89lpvN9RRbm/yNxwXGxV8waOZuapdcbrvxKb7X4A9RGjUEVlLxydb
	FvpGbyIKVBTZzDcDu71HYgYNqMbnbvlWl3CWDGHEVXk9T5V//MYPDsDNEhl95dJjwoHg
	JLKaCZHoMPjFE9vmT/Rjba2FqmlJAs15mb2OM=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma;
	h=mime-version:in-reply-to:references:date:message-id:subject:from:to
	:cc:content-type;
	b=tKfC5cr42ej4w8CqlWEYzoaVdqB1HAOq/El1a+Y2j6LjnyCVe06kdVnXSmYPXr3oxU
	nKI87QrDiKgAzhX63E4o1R3a1AVNzVOQrs0qH+ynkX5c16/mA9WifsQN5/gD/6zGikWB
	R9C7QN0xE8Sn2V8qwiSwdlP1pJNQ5xGXrNyYs=
MIME-Version: 1.0
Received: by 10.65.135.19 with SMTP id m19mr1540979qbn.77.1233944362166; Fri, 
	06 Feb 2009 10:19:22 -0800 (PST)
In-Reply-To: <4b008f7d0902060724o6817f822ufb3ce8a8f9060fa8@mail.gmail.com>
References: <4b008f7d0902060644o62a3942lf63ff6689c3b4d94@mail.gmail.com>
	<b8592ed80902060719y3be85e43q9ef200477735d1e2@mail.gmail.com>
	<4b008f7d0902060724o6817f822ufb3ce8a8f9060fa8@mail.gmail.com>
Date: Fri, 6 Feb 2009 18:19:22 +0000
Message-ID: <4b008f7d0902061019v414ef35do1b84a3f2e6f0b48d@mail.gmail.com>
From: Alex Dehaini <alexdehaini@gmail.com>
To: =?ISO-8859-1?Q?Istv=E1n_Szuk=E1cs?= <leccine@gmail.com>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
X-Content-Filtered-By: Mailman/MimeDel 2.1.5
Cc: freebsd-performance@freebsd.org
Subject: Re: Limiting open port RST response from 247 to 200 packets per 
	second
X-BeenThere: freebsd-performance@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Performance/tuning <freebsd-performance.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-performance>,
	<mailto:freebsd-performance-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-performance>
List-Post: <mailto:freebsd-performance@freebsd.org>
List-Help: <mailto:freebsd-performance-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-performance>,
	<mailto:freebsd-performance-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Feb 2009 18:19:24 -0000

Any ideas

On Fri, Feb 6, 2009 at 3:24 PM, Alex Dehaini <alexdehaini@gmail.com> wrote:

> I increased net.inet.icmp.icmplim to 2000 but this does not make any
> change. Here is my output
>
> myserver# sysctl -a | grep net.inet.icmp.icmplim
> net.inet.icmp.icmplim: 2000
> net.inet.icmp.icmplim_output: 1
>
> After increasing inet.icmp.icmplim to 2000 and startign Squid, I don't ge=
t
> the errors below
>
> Feb  5 20:39:44 myserver /kernel: Limiting open port RST response from 24=
7
> to 200 packets per second
> Feb  5 20:39:44 myserver /kernel: Limiting open port RST response from 24=
7
> to 200 packets per second
> Feb  5 20:39:45 myserver /kernel: Limiting open port RST response from 23=
9
> to 200 packets per second
>
> But traffic still drops.
>
> Alex
>
>
>
> On Fri, Feb 6, 2009 at 3:19 PM, Istv=E1n Szuk=E1cs <leccine@gmail.com> wr=
ote:
>
>> Hi!
>>
>>
>> lix@test:~$sysctl -a | grep net.inet.icmp.icmplim
>> net.inet.icmp.icmplim: 200
>> net.inet.icmp.icmplim_output: 1
>>
>>
>> Regards,
>> Istvan
>>
>> On Fri, Feb 6, 2009 at 2:44 PM, Alex Dehaini <alexdehaini@gmail.com>wrot=
e:
>>
>>> Hi Guys,
>>>
>>> I have some issues with Squid on Freebsd. I am running FreeBSD release
>>> 4.9
>>> and Squid version 2.5.
>>>
>>> I have setup FreeBSD as a bridge so that all traffic from my network ca=
n
>>> transparently pass through the FreeBSD server. I am running Squid on th=
e
>>> same server and I created an ipfw rule to redirect port 80 to port 3128=
.
>>>
>>> Normally, when Squid is not started - we see traffic close to 30MB
>>> flowing
>>> through the server. Immediately I start squid, the traffic drops to hal=
f
>>> and
>>> sometimes lower and stays there. When this happens, I have a lot of
>>> clients
>>> that will call and complain they can't access the Internet. At the same
>>> time, I get these log messages
>>>
>>> *Feb  5 20:39:44 myserver /kernel: Limiting open port RST response from
>>> 247
>>> to 200 packets per second
>>> Feb  5 20:39:44 myserver /kernel: Limiting open port RST response from
>>> 247
>>> to 200 packets per second
>>> Feb  5 20:39:45 myserver /kernel: Limiting open port RST response from
>>> 239
>>> to 200 packets per second
>>> Feb  5 20:39:45 myserver /kernel: Limiting open port RST response from
>>> 239
>>> to 200 packets per second
>>> Feb  5 20:39:46 myserver /kernel: Limiting open port RST response from
>>> 273
>>> to 200 packets per second
>>> Feb  5 20:39:46 myserver /kernel: Limiting open port RST response from
>>> 273
>>> to 200 packets per second
>>> Feb  5 20:39:47 myserver /kernel: Limiting open port RST response from
>>> 228
>>> to 200 packets per second
>>> Feb  5 20:39:47 myserver /kernel: Limiting open port RST response from
>>> 228
>>> to 200 packets per second
>>> Feb  5 20:39:48 myserver /kernel: Limiting open port RST response from
>>> 225
>>> to 200 packets per second
>>> Feb  5 20:39:48 myserver /kernel: Limiting open port RST response from
>>> 225
>>> to 200 packets per second
>>> Feb  5 20:39:49 myserver /kernel: Limiting open port RST response from
>>> 244
>>> to 200 packets per second
>>> Feb  5 20:39:49 myserver /kernel: Limiting open port RST response from
>>> 244
>>> to 200 packets per second
>>> Feb  5 20:39:50 myserver /kernel: Limiting open port RST response from
>>> 259
>>> to 200 packets per second
>>> Feb  5 20:39:50 myserver /kernel: Limiting open port RST response from
>>> 259
>>> to 200 packets per second
>>> Feb  5 20:39:51 myserver /kernel: Limiting open port RST response from
>>> 234
>>> to 200 packets per second
>>> Feb  5 20:39:51 myserver /kernel: Limiting open port RST response from
>>> 234
>>> to 200 packets per second
>>> Feb  5 20:39:52 myserver /kernel: Limiting open port RST response from
>>> 243
>>> to 200 packets per second
>>> Feb  5 20:39:52 myserver /kernel: Limiting open port RST response from
>>> 243
>>> to 200 packets per second
>>> Feb  5 20:39:53 myserver /kernel: Limiting open port RST response from
>>> 218
>>> to 200 packets per second
>>> Feb  5 20:39:53 myserver /kernel: Limiting open port RST response from
>>> 218
>>> to 200 packets per second
>>> Feb  5 20:39:55 myserver /kernel: Limiting open port RST response from
>>> 233
>>> to 200 packets per second
>>> Feb  5 20:39:55 myserver /kernel: Limiting open port RST response from
>>> 233
>>> to 200 packets per second
>>> Feb  5 20:39:56 myserver /kernel: Limiting open port RST response from
>>> 241
>>> to 200 packets per second
>>> Feb  5 20:39:56 myserver /kernel: Limiting open port RST response from
>>> 241
>>> to 200 packets per second
>>> Feb  5 20:39:57 myserver /kernel: Limiting open port RST response from
>>> 220
>>> to 200 packets per second
>>> Feb  5 20:39:57 myserver /kernel: Limiting open port RST response from
>>> 220
>>> to 200 packets per second
>>> Feb  5 20:39:58 myserver /kernel: Limiting open port RST response from
>>> 206
>>> to 200 packets per second
>>> Feb  5 20:39:58 myserver /kernel: Limiting open port RST response from
>>> 206
>>> to 200 packets per second
>>> Feb  5 20:40:01 myserver /kernel: Limiting open port RST response from
>>> 223
>>> to 200 packets per second
>>> Feb  5 20:40:01 myserver /kernel: Limiting open port RST response from
>>> 223
>>> to 200 packets per second*
>>>
>>> When I stop Squid, everything returns to normal. Any idea what is causi=
ng
>>> this. I will appreciate any help.
>>>
>>> Thanks
>>>
>>> --
>>> Alex Dehaini
>>> Developer
>>> Site - www.alexdehaini.com
>>> Email - alexdehaini@gmail.com
>>> _______________________________________________
>>> freebsd-performance@freebsd.org mailing list
>>> http://lists.freebsd.org/mailman/listinfo/freebsd-performance
>>> To unsubscribe, send any mail to "
>>> freebsd-performance-unsubscribe@freebsd.org"
>>>
>>
>>
>>
>> --
>> the sun shines for all
>>
>
>
>
> --
> Alex Dehaini
> Developer
> Site - www.alexdehaini.com
> Email - alexdehaini@gmail.com
>



--=20
Alex Dehaini
Developer
Site - www.alexdehaini.com
Email - alexdehaini@gmail.com

From owner-freebsd-performance@FreeBSD.ORG  Fri Feb  6 19:03:39 2009
Return-Path: <owner-freebsd-performance@FreeBSD.ORG>
Delivered-To: freebsd-performance@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 2B60110656FA
	for <freebsd-performance@freebsd.org>;
	Fri,  6 Feb 2009 19:03:39 +0000 (UTC)
	(envelope-from maciej@suszko.eu)
Received: from 30.mail-out.ovh.net (30.mail-out.ovh.net [213.186.62.213])
	by mx1.freebsd.org (Postfix) with SMTP id 6C7C78FC1B
	for <freebsd-performance@freebsd.org>;
	Fri,  6 Feb 2009 19:03:38 +0000 (UTC)
	(envelope-from maciej@suszko.eu)
Received: (qmail 24375 invoked by uid 503); 6 Feb 2009 18:37:18 -0000
Received: from b7.ovh.net (HELO mail193.ha.ovh.net) (213.186.33.57)
	by 30.mail-out.ovh.net with SMTP; 6 Feb 2009 18:37:18 -0000
Received: from b0.ovh.net (HELO queue-out) (213.186.33.50)
	by b0.ovh.net with SMTP; 6 Feb 2009 18:36:57 -0000
Received: from unknown (HELO localhost) (maciej@suszko.eu@62.61.57.118)
	by ns0.ovh.net with SMTP; 6 Feb 2009 18:36:56 -0000
Date: Fri, 6 Feb 2009 19:36:51 +0100
From: Maciej Suszko <maciej@suszko.eu>
To: Alex Dehaini <alexdehaini@gmail.com>
Message-ID: <20090206193651.518c3347@suszko.eu>
In-Reply-To: <4b008f7d0902061019v414ef35do1b84a3f2e6f0b48d@mail.gmail.com>
References: <4b008f7d0902060644o62a3942lf63ff6689c3b4d94@mail.gmail.com>
	<b8592ed80902060719y3be85e43q9ef200477735d1e2@mail.gmail.com>
	<4b008f7d0902060724o6817f822ufb3ce8a8f9060fa8@mail.gmail.com>
	<4b008f7d0902061019v414ef35do1b84a3f2e6f0b48d@mail.gmail.com>
X-Mailer: Claws Mail 3.7.0 (GTK+ 2.14.7; i386-portbld-freebsd7.1)
Mime-Version: 1.0
Content-Type: multipart/signed; boundary="Sig_/hMorT+K8+OD=G6+tJhcTfH_";
	protocol="application/pgp-signature"; micalg=PGP-SHA1
X-Ovh-Tracer-Id: 9459811019376123924
X-Ovh-Remote: 62.61.57.118 ()
X-Ovh-Local: 213.186.33.20 (ns0.ovh.net)
X-Spam-Check: DONE|H 0.5/N
Cc: =?ISO-8859-2?B?SXN0duFuIFN6dWvhY3M=?= <leccine@gmail.com>,
	freebsd-performance@freebsd.org
Subject: Re: Limiting open port RST response from 247 to 200 packets per 
 second
X-BeenThere: freebsd-performance@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Performance/tuning <freebsd-performance.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-performance>,
	<mailto:freebsd-performance-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-performance>
List-Post: <mailto:freebsd-performance@freebsd.org>
List-Help: <mailto:freebsd-performance-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-performance>,
	<mailto:freebsd-performance-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Feb 2009 19:03:39 -0000

--Sig_/hMorT+K8+OD=G6+tJhcTfH_
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: quoted-printable

Alex Dehaini <alexdehaini@gmail.com> wrote:
> Any ideas

Show us the output of `vmstat -z` - may be helpful.
--=20
regards, Maciej Suszko.

--Sig_/hMorT+K8+OD=G6+tJhcTfH_
Content-Type: application/pgp-signature; name=signature.asc
Content-Disposition: attachment; filename=signature.asc

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (FreeBSD)

iEYEARECAAYFAkmMg0MACgkQCikUk0l7iGpD7wCcCgafUHwqb0BXxycEiv+8LX+z
CgIAn2DGL2+ryfhh+RTUTFcBQD+3lWmc
=s5Pt
-----END PGP SIGNATURE-----

--Sig_/hMorT+K8+OD=G6+tJhcTfH_--

From owner-freebsd-performance@FreeBSD.ORG  Fri Feb  6 19:13:30 2009
Return-Path: <owner-freebsd-performance@FreeBSD.ORG>
Delivered-To: freebsd-performance@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 560B1106579C
	for <freebsd-performance@freebsd.org>;
	Fri,  6 Feb 2009 19:13:30 +0000 (UTC)
	(envelope-from ntarmos@ceid.upatras.gr)
Received: from poseidon.ceid.upatras.gr (poseidon.ceid.upatras.gr
	[150.140.141.169])
	by mx1.freebsd.org (Postfix) with ESMTP id F25C08FC0A
	for <freebsd-performance@freebsd.org>;
	Fri,  6 Feb 2009 19:13:29 +0000 (UTC)
	(envelope-from ntarmos@ceid.upatras.gr)
Received: from mail.ceid.upatras.gr (unknown [10.1.0.143])
	by poseidon.ceid.upatras.gr (Postfix) with ESMTP id 21AE5EB6214
	for <freebsd-performance@freebsd.org>;
	Fri,  6 Feb 2009 20:48:40 +0200 (EET)
Received: from localhost (europa.ceid.upatras.gr [127.0.0.1])
	by mail.ceid.upatras.gr (Postfix) with ESMTP id 0918B4C8003
	for <freebsd-performance@freebsd.org>;
	Fri,  6 Feb 2009 20:48:40 +0200 (EET)
X-Virus-Scanned: amavisd-new at ceid.upatras.gr
Received: from mail.ceid.upatras.gr ([127.0.0.1])
	by localhost (europa.ceid.upatras.gr [127.0.0.1]) (amavisd-new,
	port 10024)
	with ESMTP id mlayy8Pjl45y for <freebsd-performance@freebsd.org>;
	Fri,  6 Feb 2009 20:48:39 +0200 (EET)
Received: from ace.netcins.ceid.upatras.gr (ppp089210149101.dsl.hol.gr
	[89.210.149.101])
	by mail.ceid.upatras.gr (Postfix) with ESMTP id CAB3245088
	for <freebsd-performance@freebsd.org>;
	Fri,  6 Feb 2009 20:48:39 +0200 (EET)
Received: by ace.netcins.ceid.upatras.gr (Postfix, from userid 1001)
	id 8584E3F40F; Fri,  6 Feb 2009 20:48:35 +0200 (EET)
Date: Fri, 6 Feb 2009 20:48:35 +0200
From: Nikos Ntarmos <ntarmos@ceid.upatras.gr>
To: freebsd-performance@freebsd.org
Message-ID: <20090206184835.GA59842@ace.netcins.ceid.upatras.gr>
Mail-Followup-To: freebsd-performance@freebsd.org
References: <4b008f7d0902060644o62a3942lf63ff6689c3b4d94@mail.gmail.com>
	<b8592ed80902060719y3be85e43q9ef200477735d1e2@mail.gmail.com>
	<4b008f7d0902060724o6817f822ufb3ce8a8f9060fa8@mail.gmail.com>
	<4b008f7d0902061019v414ef35do1b84a3f2e6f0b48d@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <4b008f7d0902061019v414ef35do1b84a3f2e6f0b48d@mail.gmail.com>
Organization: NetCInS Lab., C.E.I.D., U. of Patras, Greece
WWW-Homepage: http://ntarmos.dyndns.org/
X-PGP-Fingerprint: 9680 60A7 DE60 0298 B1F0  9B22 9BA2 7569 CF95 160A
User-Agent: Mutt/1.5.18 (2008-05-17)
Subject: Re: Limiting open port RST response from 247 to 200 packets per
	second
X-BeenThere: freebsd-performance@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Performance/tuning <freebsd-performance.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-performance>,
	<mailto:freebsd-performance-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-performance>
List-Post: <mailto:freebsd-performance@freebsd.org>
List-Help: <mailto:freebsd-performance-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-performance>,
	<mailto:freebsd-performance-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Feb 2009 19:13:30 -0000

Alex,

Traffic from and to the bridge interface that speaks with the internet
dropping when you use a proxy server is quite normal. You did have an
issue with icmplim but you have that fixed now. Do your clients still
complain of problems with connectivity?

Cheers.

\n\n

From owner-freebsd-performance@FreeBSD.ORG  Fri Feb  6 20:45:20 2009
Return-Path: <owner-freebsd-performance@FreeBSD.ORG>
Delivered-To: freebsd-performance@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 536E5106564A
	for <freebsd-performance@freebsd.org>;
	Fri,  6 Feb 2009 20:45:20 +0000 (UTC)
	(envelope-from alexdehaini@gmail.com)
Received: from yx-out-2324.google.com (yx-out-2324.google.com [74.125.44.29])
	by mx1.freebsd.org (Postfix) with ESMTP id 034F38FC14
	for <freebsd-performance@freebsd.org>;
	Fri,  6 Feb 2009 20:45:19 +0000 (UTC)
	(envelope-from alexdehaini@gmail.com)
Received: by yx-out-2324.google.com with SMTP id 8so460329yxb.13
	for <freebsd-performance@freebsd.org>;
	Fri, 06 Feb 2009 12:45:19 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
	h=domainkey-signature:mime-version:received:in-reply-to:references
	:date:message-id:subject:from:to:cc:content-type;
	bh=dUjvQ95WuXQxnXVde+nsfqnbHr6S9oZQqjySCSE1ucI=;
	b=lKs8FFCT+xffjRjOWPqQmDlQAuT2phSR7d+vtGn1hDkMJXt08s8x9zIW4W8Bv/DKz9
	DRbXtZP5UrT7FE5xthMp5pgCz/1i+j0rUBFd5isZgE4Ye4mZ7HTxWkI/9Xrl2WjcHSIz
	OfJiylMephCF/oIDD/SshNTnHzOAZMa4lyJzU=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma;
	h=mime-version:in-reply-to:references:date:message-id:subject:from:to
	:cc:content-type;
	b=AEnE+3M/wDBQ4t0BLlVY61PuDVTm6GMxYX6yIhOsFJbY+Jzj9fxd8GL7tSeU3urwSX
	ba4w/zUQabga4b1u/Ve3yHoyDWLUJWWpZIMuRYUALTAFQIic9INOcotBbPEMD690WzQ4
	P3Qq+G//fByXhAUY5IUqMVxLK9GLOtfM10208=
MIME-Version: 1.0
Received: by 10.65.191.19 with SMTP id t19mr1607953qbp.61.1233953118360; Fri, 
	06 Feb 2009 12:45:18 -0800 (PST)
In-Reply-To: <20090206193651.518c3347@suszko.eu>
References: <4b008f7d0902060644o62a3942lf63ff6689c3b4d94@mail.gmail.com>
	<b8592ed80902060719y3be85e43q9ef200477735d1e2@mail.gmail.com>
	<4b008f7d0902060724o6817f822ufb3ce8a8f9060fa8@mail.gmail.com>
	<4b008f7d0902061019v414ef35do1b84a3f2e6f0b48d@mail.gmail.com>
	<20090206193651.518c3347@suszko.eu>
Date: Fri, 6 Feb 2009 20:45:18 +0000
Message-ID: <4b008f7d0902061245g458ae7eh1bd7375b0c085d4@mail.gmail.com>
From: Alex Dehaini <alexdehaini@gmail.com>
To: Maciej Suszko <maciej@suszko.eu>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
X-Content-Filtered-By: Mailman/MimeDel 2.1.5
Cc: =?ISO-8859-1?Q?Istv=E1n_Szuk=E1cs?= <leccine@gmail.com>,
	freebsd-performance@freebsd.org
Subject: Re: Limiting open port RST response from 247 to 200 packets per 
	second
X-BeenThere: freebsd-performance@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Performance/tuning <freebsd-performance.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-performance>,
	<mailto:freebsd-performance-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-performance>
List-Post: <mailto:freebsd-performance@freebsd.org>
List-Help: <mailto:freebsd-performance-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-performance>,
	<mailto:freebsd-performance-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Feb 2009 20:45:20 -0000

Here is the output of 'vmstat -z' on my server

myserver# vmstat -z

ITEM            SIZE     LIMIT    USED    FREE  REQUESTS

PIPE:            160,        0,      6,     96,     5976
SWAPMETA:        160,   233016,      0,      0,        0
unpcb:           160,        0,      4,     46,     6460
ripcb:           192,    40000,      0,     42,       28
divcb:           192,    40000,      0,      0,        0
syncache:        160,    15359,      0,   1766,    10989
tcpcb:           576,    40000,      7,     92,     2115
udpcb:           192,    40000,      6,     36,     2158
socket:          192,    40000,     17,    111,    10762
DIRHASH:        1024,        0,    288,      4,      301
KNOTE:            64,        0,      0,    128,       24
NFSNODE:         352,        0,      0,      0,        0
NFSMOUNT:        544,        0,      0,      0,        0
VNODE:           192,        0,   2806,     56,     2806
NAMEI:          1024,        0,      0,     16,   261060
VMSPACE:         192,        0,     34,     94,     5671
PROC:            416,        0,     40,     58,     5678
DP fakepg:        64,        0,      0,      0,        0
PV ENTRY:         28,  3297134,  30022, 1002145,  4007245
MAP ENTRY:        48,        0,    753,    820,   278386
KMAP ENTRY:       48,    85223,    182,    202,    11578
MAP:             108,        0,      7,      3,        7
VM OBJECT:        92,        0,   1340,    412,   145002

I hope it helps

Alex


On Fri, Feb 6, 2009 at 6:36 PM, Maciej Suszko <maciej@suszko.eu> wrote:

> Alex Dehaini <alexdehaini@gmail.com> wrote:
> > Any ideas
>
> Show us the output of `vmstat -z` - may be helpful.
> --
> regards, Maciej Suszko.
>



-- 
Alex Dehaini
Developer
Site - www.alexdehaini.com
Email - alexdehaini@gmail.com

From owner-freebsd-performance@FreeBSD.ORG  Sat Feb  7 17:05:05 2009
Return-Path: <owner-freebsd-performance@FreeBSD.ORG>
Delivered-To: freebsd-performance@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 902C11065670
	for <freebsd-performance@freebsd.org>;
	Sat,  7 Feb 2009 17:05:05 +0000 (UTC)
	(envelope-from gofp-freebsd-performance@m.gmane.org)
Received: from ciao.gmane.org (main.gmane.org [80.91.229.2])
	by mx1.freebsd.org (Postfix) with ESMTP id 17E018FC0A
	for <freebsd-performance@freebsd.org>;
	Sat,  7 Feb 2009 17:05:05 +0000 (UTC)
	(envelope-from gofp-freebsd-performance@m.gmane.org)
Received: from list by ciao.gmane.org with local (Exim 4.43)
	id 1LVpuN-0000ml-IL
	for freebsd-performance@freebsd.org; Sat, 07 Feb 2009 16:19:56 +0000
Received: from 93-138-45-59.adsl.net.t-com.hr ([93.138.45.59])
	by main.gmane.org with esmtp (Gmexim 0.1 (Debian))
	id 1AlnuQ-0007hv-00
	for <freebsd-performance@freebsd.org>; Sat, 07 Feb 2009 16:19:55 +0000
Received: from ivoras by 93-138-45-59.adsl.net.t-com.hr with local (Gmexim 0.1
	(Debian)) id 1AlnuQ-0007hv-00
	for <freebsd-performance@freebsd.org>; Sat, 07 Feb 2009 16:19:55 +0000
X-Injected-Via-Gmane: http://gmane.org/
To: freebsd-performance@freebsd.org
From: Ivan Voras <ivoras@freebsd.org>
Date: Sat, 07 Feb 2009 17:19:15 +0100
Lines: 63
Message-ID: <gmkcaq$8b7$1@ger.gmane.org>
References: <4b008f7d0902060644o62a3942lf63ff6689c3b4d94@mail.gmail.com>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature";
	boundary="------------enig777DCA74B662769DF0D10E68"
X-Complaints-To: usenet@ger.gmane.org
X-Gmane-NNTP-Posting-Host: 93-138-45-59.adsl.net.t-com.hr
User-Agent: Thunderbird 2.0.0.19 (Windows/20081209)
In-Reply-To: <4b008f7d0902060644o62a3942lf63ff6689c3b4d94@mail.gmail.com>
X-Enigmail-Version: 0.95.7
Sender: news <news@ger.gmane.org>
Subject: Re: Limiting open port RST response from 247 to 200 packets per
	second
X-BeenThere: freebsd-performance@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Performance/tuning <freebsd-performance.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-performance>,
	<mailto:freebsd-performance-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-performance>
List-Post: <mailto:freebsd-performance@freebsd.org>
List-Help: <mailto:freebsd-performance-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-performance>,
	<mailto:freebsd-performance-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 07 Feb 2009 17:05:05 -0000

This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enig777DCA74B662769DF0D10E68
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

Alex Dehaini wrote:
> Hi Guys,
>=20
> I have some issues with Squid on Freebsd. I am running FreeBSD release =
4.9
> and Squid version 2.5.
>=20
> I have setup FreeBSD as a bridge so that all traffic from my network ca=
n
> transparently pass through the FreeBSD server. I am running Squid on th=
e
> same server and I created an ipfw rule to redirect port 80 to port 3128=
=2E
>=20
> Normally, when Squid is not started - we see traffic close to 30MB flow=
ing
> through the server. Immediately I start squid, the traffic drops to hal=
f and
> sometimes lower and stays there. When this happens, I have a lot of cli=
ents
> that will call and complain they can't access the Internet. At the same=

> time, I get these log messages
>=20
> *Feb  5 20:39:44 myserver /kernel: Limiting open port RST response from=
 247
> to 200 packets per second
> Feb  5 20:39:44 myserver /kernel: Limiting open port RST response from =
247
> to 200 packets per second

> When I stop Squid, everything returns to normal. Any idea what is causi=
ng
> this. I will appreciate any help.

RST response means a client has tried to connect to a TCP port and
didn't succeed. In your case, is squid actually doing anything? Are
there any traffic in your logs?

By increasing icmplim you only lifted the supression of the outgoing RST
packets, you didn't solve your problem.


--------------enig777DCA74B662769DF0D10E68
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkmNtIkACgkQldnAQVacBch+uwCfVbOkCZJXR4iF1nMu36ahLE6J
RSkAnAh8O9PsJutnurLh8ompJWG5WxKw
=1mj8
-----END PGP SIGNATURE-----

--------------enig777DCA74B662769DF0D10E68--