Date: Sat, 07 Feb 2009 17:19:15 +0100 From: Ivan Voras <ivoras@freebsd.org> To: freebsd-performance@freebsd.org Subject: Re: Limiting open port RST response from 247 to 200 packets per second Message-ID: <gmkcaq$8b7$1@ger.gmane.org> In-Reply-To: <4b008f7d0902060644o62a3942lf63ff6689c3b4d94@mail.gmail.com> References: <4b008f7d0902060644o62a3942lf63ff6689c3b4d94@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --] Alex Dehaini wrote: > Hi Guys, > > I have some issues with Squid on Freebsd. I am running FreeBSD release 4.9 > and Squid version 2.5. > > I have setup FreeBSD as a bridge so that all traffic from my network can > transparently pass through the FreeBSD server. I am running Squid on the > same server and I created an ipfw rule to redirect port 80 to port 3128. > > Normally, when Squid is not started - we see traffic close to 30MB flowing > through the server. Immediately I start squid, the traffic drops to half and > sometimes lower and stays there. When this happens, I have a lot of clients > that will call and complain they can't access the Internet. At the same > time, I get these log messages > > *Feb 5 20:39:44 myserver /kernel: Limiting open port RST response from 247 > to 200 packets per second > Feb 5 20:39:44 myserver /kernel: Limiting open port RST response from 247 > to 200 packets per second > When I stop Squid, everything returns to normal. Any idea what is causing > this. I will appreciate any help. RST response means a client has tried to connect to a TCP port and didn't succeed. In your case, is squid actually doing anything? Are there any traffic in your logs? By increasing icmplim you only lifted the supression of the outgoing RST packets, you didn't solve your problem. [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkmNtIkACgkQldnAQVacBch+uwCfVbOkCZJXR4iF1nMu36ahLE6J RSkAnAh8O9PsJutnurLh8ompJWG5WxKw =1mj8 -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?gmkcaq$8b7$1>