From owner-freebsd-current@FreeBSD.ORG Tue Feb 12 20:44:18 2008 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C5D2E16A419 for ; Tue, 12 Feb 2008 20:44:18 +0000 (UTC) (envelope-from jmg@hydrogen.funkthat.com) Received: from hydrogen.funkthat.com (gate.funkthat.com [69.17.45.168]) by mx1.freebsd.org (Postfix) with ESMTP id 63EC513C45E for ; Tue, 12 Feb 2008 20:44:18 +0000 (UTC) (envelope-from jmg@hydrogen.funkthat.com) Received: from hydrogen.funkthat.com (3yw3nykajku8e6ka@localhost.funkthat.com [127.0.0.1]) by hydrogen.funkthat.com (8.13.6/8.13.3) with ESMTP id m1CKKDpA024756; Tue, 12 Feb 2008 12:20:14 -0800 (PST) (envelope-from jmg@hydrogen.funkthat.com) Received: (from jmg@localhost) by hydrogen.funkthat.com (8.13.6/8.13.3/Submit) id m1CKKCoq024755; Tue, 12 Feb 2008 12:20:12 -0800 (PST) (envelope-from jmg) Date: Tue, 12 Feb 2008 12:20:12 -0800 From: John-Mark Gurney To: "Aryeh M. Friedman" Message-ID: <20080212202012.GV7399@funkthat.com> Mail-Followup-To: "Aryeh M. Friedman" , freebsd-current@freebsd.org References: <47B195EF.9060603@gmail.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <47B195EF.9060603@gmail.com> User-Agent: Mutt/1.4.2.1i X-Operating-System: FreeBSD 5.4-RELEASE-p6 i386 X-Files: The truth is out there X-URL: http://resnet.uoregon.edu/~gurney_j/ X-Resume: http://resnet.uoregon.edu/~gurney_j/resume.html X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-3.0 (hydrogen.funkthat.com [127.0.0.1]); Tue, 12 Feb 2008 12:20:14 -0800 (PST) X-Mailman-Approved-At: Wed, 13 Feb 2008 02:31:09 +0000 Cc: freebsd-current@freebsd.org Subject: Re: does this error message mean anything bad? X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: John-Mark Gurney List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Feb 2008 20:44:18 -0000 Aryeh M. Friedman wrote this message on Tue, Feb 12, 2008 at 07:49 -0500: > Limiting closed port RST response from 266 to 200 packets/second. Since everyone else has thrown their two bits in, it could also mean that you have a busy server, and that you are exceeding 200 connections/sec, and that this is limiting the number of connections we fully close per second. If you are testing a web server over gige w/ small files, you will usually run into this problem.. Upding the sysctl net.inet.icmp.icmplim will increase this limit. Yes, I know it's not intuitive the ICMP limit is responsible for TCP RST's, but that's the way it is... -- John-Mark Gurney Voice: +1 415 225 5579 "All that I will do, has been done, All that I have, has not."