Date: Fri, 15 Aug 2008 21:22:00 -0400 From: Mike Tancsa <mike@sentex.net> To: Erol Akarsu <eakarsu_33@yahoo.com> Cc: freebsd-current@freebsd.org Subject: Re: Limiting icmp unreach response fron 348 to 200 packets/sec Message-ID: <200808160122.m7G1M4od052103@lava.sentex.ca> In-Reply-To: <136625.5517.qm@web45211.mail.sp1.yahoo.com> References: <136625.5517.qm@web45211.mail.sp1.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
At 09:01 PM 8/15/2008, Erol Akarsu wrote:
>Hi,
>
>Thanks for helping this.
>
>Now, I am getting "Limiting icmp unreach response fron 348 to 200 packets/sec"
Hi,
These questions are better asked on
freebsd-questions@freebsd.org. But the above indicates processes are
hitting your freebsd server on ports where nothing is listenting and
the FreeBSD box is sending out "port unreachable" messages at a limit
of 200 per second, but if it were to answer all bogus requests the
rate would have been 348 per second.
>In which conditions can we get this? does this effect functionality
>of the system?
other hosts are accessing ports on your server where nothing is listening.
>How can I solve this issue?
sysctl -w net.inet.tcp.blackhole=1
sysctl -w net.inet.udp.blackhole=1
to stop all the port unreachable messages, but ultimately find out
why your program / application is not listening on that port.
---Mike
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200808160122.m7G1M4od052103>