From owner-freebsd-isp@FreeBSD.ORG Wed Jun 11 11:52:16 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id EADA737B401 for ; Wed, 11 Jun 2003 11:52:16 -0700 (PDT) Received: from mail.parperfeito.com.br (host-84.c8b96a.parperfeito.com.br [200.185.106.84]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2A4C843F75 for ; Wed, 11 Jun 2003 11:52:16 -0700 (PDT) (envelope-from jfassad@parperfeito.com.br) Received: from 127.0.0.1 (support.parperfeito.com.br [127.0.0.1]) by dummy.domain.name (Postfix) with SMTP id 4B773DC007 for ; Wed, 11 Jun 2003 15:52:13 -0300 (GMT+3) Received: from joao (unknown [200.185.115.130]) by mail.parperfeito.com.br (Postfix) with SMTP id 0E28BDC012 for ; Wed, 11 Jun 2003 15:52:12 -0300 (GMT+3) Message-ID: <020201c3304a$8fc5bd80$0402a8c0@joao> From: =?iso-8859-1?Q?Jo=E3o_Assad?= To: Date: Wed, 11 Jun 2003 15:52:05 -0300 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1158 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Content-Transfer-Encoding: quoted-printable Subject: ipf/ipnat no memory problem X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 11 Jun 2003 18:52:17 -0000 Hello guys, Does anybody have a clue on how to solve this problem ? firewall# ipfstat -s IP states added: 8950710 TCP 24299 UDP 4134 ICMP 1592473870 hits 3165269525 misses 6 maximum 650 no memory 9215 bkts in use 11005 active 29606 expired 8939070 closed firewall# ipnat -s mapped in 913470782 out 1028719022 added 59149802 expired 59056159 no memory 129676 bad nat 0 inuse 93643 rules 38 wilds 0 firewall# I am getting "no memory" in both ipf and ipnat. CPU: Pentium III/Pentium III Xeon/Celeron (802.72-MHz 686-class CPU) real memory =3D 134217728 (131072K bytes) avail memory =3D 127221760 (124240K bytes) ---------Relevant configurations---------- In /usr/src/sys/contrib/ipfilter/netinet/ip_state.h : # define IPSTATE_SIZE 30011 # define IPSTATE_MAX 21011 /* Maximum number of states held = */ Kernel options: maxusers 0 options IPFILTER options IPFILTER_LOG options IPFILTER_DEFAULT_BLOCK options IPSTEALTH options VM_KMEM_SIZE_SCALE=3D"2" I dont have the netstat -m output of my peak time which is when the probl= em occurs, but right now its: firewall# netstat -m 269/912/6016 mbufs in use (current/peak/max): 269 mbufs allocated to data 265/594/1504 mbuf clusters in use (current/peak/max) 1416 Kbytes allocated to network (31% of mb_map in use) 0 requests for memory denied 0 requests for memory delayed 0 calls to protocol drain routines I would appreciate it if someone can give me some help in this issue, Im completely in the dark right now. Best regards, -- Jo=E3o Assad ParPerfeito Comunica=E7=E3o LTDA http://www.parperfeito.com.br/