Date: Mon, 17 Oct 2005 22:26:18 -0700 From: ray@redshift.com To: "Mike Silbersack" <silby@silby.com> Cc: freebsd-hackers@freebsd.org Subject: Re: Limiting closed port RST response from XXX to 200... Message-ID: <3.0.1.32.20051017222618.00a52d18@pop.redshift.com> In-Reply-To: <2718.64.215.82.94.1129600086.squirrel@webmail3.pair.com> References: <3.0.1.32.20051017175115.00a52d18@pop.redshift.com> <3.0.1.32.20051017175115.00a52d18@pop.redshift.com>
next in thread | previous in thread | raw e-mail | index | archive | help
At 09:48 PM 10/17/2005 -0400, Mike Silbersack wrote: | > Hi, | > | > On a server I'm benchmark testing, via local host, I'm getting Limiting | > closed | > port RST response from XXXX to 200 packets/sec on the console when I'm | > running a | > lot of local connections very quickly all at once (about 7500 per second). | > I've | > added the following: | > | > net.inet.tcp.log_in_vain: 0 | > net.inet.udp.log_in_vain: 0 | > | > but still does it. Is there any way to disable it short of installing | > ipf? I'd | > like to see what the theoretical limit of the machine is without it | > perhaps | > limiting connections in some manner. | > | > Thanks! | > | > Ray | | Er, if you're seeing those messages, your benchmark is going very awry! | | The kernel is telling you that 7500 junk packets per second are coming in, | but that it has chosen to send RST packets in response to only 200 of | them. What you should be asking is - why are 7500 junk packets per second | coming into the system? This could be due to a flaw in how your benchmark | is setup (if you're trying to connect to a port that has no listening | service or DNS lookups to a nonexistent DNS server?), or it could be some | kernel bug you've uncovered. If it's the latter, then I would be very | interested in helping you get it fixed. | | There is a sysctl for disabling the reset rate limiting, but I would | suggest that you track down the source of the problem before resorting to | disabling the feature. | | Mike "Silby" Silbersack | | Hi Mike, Thanks for the pointers. I will check some of those areas you mention. Since I just threw this machine together real fast, I may have some DNS off the mark or something. BTW, the benchmark I'm using is 'ab' in apache/bin. I'm running it with -c 50 and -n 1000. Seems to only cause the RST thing on small files. Thanks again for the tips. Ray
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3.0.1.32.20051017222618.00a52d18>