Date: Fri, 12 Nov 2021 16:29:18 +0100 From: Kurt Jaeger <pi@freebsd.org> To: tuexen@freebsd.org Cc: freebsd-net@freebsd.org Subject: Re: dtrace to trace incoming connection not suceeding ? Message-ID: <YY6ITiq%2B8x5nw5a/@fc.opsec.eu> In-Reply-To: <43FC040E-E5DE-4F4E-B91E-AAA807207D05@freebsd.org> References: <YY5nhomjYRnRojwa-v2@fc.opsec.eu> <866D4765-25EF-4C5F-AA2E-D6BE8D5EBEEB@freebsd.org> <YY6C2/OyG3KTvV%2BM@fc.opsec.eu> <43FC040E-E5DE-4F4E-B91E-AAA807207D05@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi! > >>> The basic ipfw firewall is active, but > >> Does it work, if you disable ipfw? > > No, unfortunatly not. > OK. Can you provide the output of > netstat -sptcp > after some packets were dropped. https://people.freebsd.org/~pi/logs/netstat-t1.txt https://people.freebsd.org/~pi/logs/netstat-t2.txt 4 connection attempts in that time. On the same 10g ix0 interface we have three VLANs: - one (vlan551) of them uses tcp-md5 for another bgp session - one (vlan500) does not use tcp-md5, and has the problem - one (vlan724) does not use tcp-md5 for bgp, and works fine -- pi@FreeBSD.org +49 171 3101372 Now what ?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?YY6ITiq%2B8x5nw5a/>