Date: Wed, 11 Jun 2003 15:52:05 -0300 From: =?iso-8859-1?Q?Jo=E3o_Assad?= <jfassad@parperfeito.com.br> To: <freebsd-isp@freebsd.org> Subject: ipf/ipnat no memory problem Message-ID: <020201c3304a$8fc5bd80$0402a8c0@joao>
next in thread | raw e-mail | index | archive | help
Hello guys,
Does anybody have a clue on how to solve this problem ?
firewall# ipfstat -s
IP states added:
8950710 TCP
24299 UDP
4134 ICMP
1592473870 hits
3165269525 misses
6 maximum
650 no memory
9215 bkts in use
11005 active
29606 expired
8939070 closed
firewall# ipnat -s
mapped in 913470782 out 1028719022
added 59149802 expired 59056159
no memory 129676 bad nat 0
inuse 93643
rules 38
wilds 0
firewall#
I am getting "no memory" in both ipf and ipnat.
CPU: Pentium III/Pentium III Xeon/Celeron (802.72-MHz 686-class CPU)
real memory = 134217728 (131072K bytes)
avail memory = 127221760 (124240K bytes)
---------Relevant configurations----------
In /usr/src/sys/contrib/ipfilter/netinet/ip_state.h :
# define IPSTATE_SIZE 30011
# define IPSTATE_MAX 21011 /* Maximum number of states held */
Kernel options:
maxusers 0
options IPFILTER
options IPFILTER_LOG
options IPFILTER_DEFAULT_BLOCK
options IPSTEALTH
options VM_KMEM_SIZE_SCALE="2"
I dont have the netstat -m output of my peak time which is when the problem
occurs, but right now its:
firewall# netstat -m
269/912/6016 mbufs in use (current/peak/max):
269 mbufs allocated to data
265/594/1504 mbuf clusters in use (current/peak/max)
1416 Kbytes allocated to network (31% of mb_map in use)
0 requests for memory denied
0 requests for memory delayed
0 calls to protocol drain routines
I would appreciate it if someone can give me some help in this issue, Im
completely in the dark right now.
Best regards,
--
João Assad
ParPerfeito Comunicação LTDA
http://www.parperfeito.com.br/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?020201c3304a$8fc5bd80$0402a8c0>