Date: Mon, 25 Feb 2008 14:59:40 +0200 From: Ian FREISLICH <ianf@clue.co.za> To: current@freebsd.org Subject: spamassassin/network/SYN performance Message-ID: <E1JTcvl-0001cp-08@clue.co.za>
next in thread | raw e-mail | index | archive | help
Hi I'm trying Spamassassin on that 16 way AMD box I mentioned earlier and I'm running into problems loading the server. I'm using 5 servers each opening up to 60 concurrent connections to spamd to generate the scanning load, but I'm getting this message: Feb 25 14:08:15 amd64 kernel: Limiting open port RST response from 2979 to 200 packets/sec Which strangely seems to be controlled by net.inet.icmp.icmplim. There the comes a time when the system thinks it's being SYN-attacked or the listen backlog is exhausted and starts rejecting incoming connections with the above message. The fastest It's able to process messages is about 1400 per minute. This figure is about 500 messages a minute less than Debian can process on the same hardware with the same spamd configuration, without rejecting any inbound connections at connect time. Any ideas how to improve things? Ian -- Ian Freislich
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?E1JTcvl-0001cp-08>