Date: Sat, 07 Feb 2009 17:19:15 +0100 From: Ivan Voras <ivoras@freebsd.org> To: freebsd-performance@freebsd.org Subject: Re: Limiting open port RST response from 247 to 200 packets per second Message-ID: <gmkcaq$8b7$1@ger.gmane.org> In-Reply-To: <4b008f7d0902060644o62a3942lf63ff6689c3b4d94@mail.gmail.com> References: <4b008f7d0902060644o62a3942lf63ff6689c3b4d94@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig777DCA74B662769DF0D10E68 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Alex Dehaini wrote: > Hi Guys, >=20 > I have some issues with Squid on Freebsd. I am running FreeBSD release = 4.9 > and Squid version 2.5. >=20 > I have setup FreeBSD as a bridge so that all traffic from my network ca= n > transparently pass through the FreeBSD server. I am running Squid on th= e > same server and I created an ipfw rule to redirect port 80 to port 3128= =2E >=20 > Normally, when Squid is not started - we see traffic close to 30MB flow= ing > through the server. Immediately I start squid, the traffic drops to hal= f and > sometimes lower and stays there. When this happens, I have a lot of cli= ents > that will call and complain they can't access the Internet. At the same= > time, I get these log messages >=20 > *Feb 5 20:39:44 myserver /kernel: Limiting open port RST response from= 247 > to 200 packets per second > Feb 5 20:39:44 myserver /kernel: Limiting open port RST response from = 247 > to 200 packets per second > When I stop Squid, everything returns to normal. Any idea what is causi= ng > this. I will appreciate any help. RST response means a client has tried to connect to a TCP port and didn't succeed. In your case, is squid actually doing anything? Are there any traffic in your logs? By increasing icmplim you only lifted the supression of the outgoing RST packets, you didn't solve your problem. --------------enig777DCA74B662769DF0D10E68 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkmNtIkACgkQldnAQVacBch+uwCfVbOkCZJXR4iF1nMu36ahLE6J RSkAnAh8O9PsJutnurLh8ompJWG5WxKw =1mj8 -----END PGP SIGNATURE----- --------------enig777DCA74B662769DF0D10E68--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?gmkcaq$8b7$1>