Date: Fri, 6 Feb 2009 15:24:52 +0000 From: Alex Dehaini <alexdehaini@gmail.com> To: =?ISO-8859-1?Q?Istv=E1n_Szuk=E1cs?= <leccine@gmail.com> Cc: freebsd-performance@freebsd.org Subject: Re: Limiting open port RST response from 247 to 200 packets per second Message-ID: <4b008f7d0902060724o6817f822ufb3ce8a8f9060fa8@mail.gmail.com> In-Reply-To: <b8592ed80902060719y3be85e43q9ef200477735d1e2@mail.gmail.com> References: <4b008f7d0902060644o62a3942lf63ff6689c3b4d94@mail.gmail.com> <b8592ed80902060719y3be85e43q9ef200477735d1e2@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
I increased net.inet.icmp.icmplim to 2000 but this does not make any change= . Here is my output myserver# sysctl -a | grep net.inet.icmp.icmplim net.inet.icmp.icmplim: 2000 net.inet.icmp.icmplim_output: 1 After increasing inet.icmp.icmplim to 2000 and startign Squid, I don't get the errors below Feb 5 20:39:44 myserver /kernel: Limiting open port RST response from 247 to 200 packets per second Feb 5 20:39:44 myserver /kernel: Limiting open port RST response from 247 to 200 packets per second Feb 5 20:39:45 myserver /kernel: Limiting open port RST response from 239 to 200 packets per second But traffic still drops. Alex On Fri, Feb 6, 2009 at 3:19 PM, Istv=E1n Szuk=E1cs <leccine@gmail.com> wrot= e: > Hi! > > > lix@test:~$sysctl -a | grep net.inet.icmp.icmplim > net.inet.icmp.icmplim: 200 > net.inet.icmp.icmplim_output: 1 > > > Regards, > Istvan > > On Fri, Feb 6, 2009 at 2:44 PM, Alex Dehaini <alexdehaini@gmail.com>wrote= : > >> Hi Guys, >> >> I have some issues with Squid on Freebsd. I am running FreeBSD release 4= .9 >> and Squid version 2.5. >> >> I have setup FreeBSD as a bridge so that all traffic from my network can >> transparently pass through the FreeBSD server. I am running Squid on the >> same server and I created an ipfw rule to redirect port 80 to port 3128. >> >> Normally, when Squid is not started - we see traffic close to 30MB flowi= ng >> through the server. Immediately I start squid, the traffic drops to half >> and >> sometimes lower and stays there. When this happens, I have a lot of >> clients >> that will call and complain they can't access the Internet. At the same >> time, I get these log messages >> >> *Feb 5 20:39:44 myserver /kernel: Limiting open port RST response from >> 247 >> to 200 packets per second >> Feb 5 20:39:44 myserver /kernel: Limiting open port RST response from 2= 47 >> to 200 packets per second >> Feb 5 20:39:45 myserver /kernel: Limiting open port RST response from 2= 39 >> to 200 packets per second >> Feb 5 20:39:45 myserver /kernel: Limiting open port RST response from 2= 39 >> to 200 packets per second >> Feb 5 20:39:46 myserver /kernel: Limiting open port RST response from 2= 73 >> to 200 packets per second >> Feb 5 20:39:46 myserver /kernel: Limiting open port RST response from 2= 73 >> to 200 packets per second >> Feb 5 20:39:47 myserver /kernel: Limiting open port RST response from 2= 28 >> to 200 packets per second >> Feb 5 20:39:47 myserver /kernel: Limiting open port RST response from 2= 28 >> to 200 packets per second >> Feb 5 20:39:48 myserver /kernel: Limiting open port RST response from 2= 25 >> to 200 packets per second >> Feb 5 20:39:48 myserver /kernel: Limiting open port RST response from 2= 25 >> to 200 packets per second >> Feb 5 20:39:49 myserver /kernel: Limiting open port RST response from 2= 44 >> to 200 packets per second >> Feb 5 20:39:49 myserver /kernel: Limiting open port RST response from 2= 44 >> to 200 packets per second >> Feb 5 20:39:50 myserver /kernel: Limiting open port RST response from 2= 59 >> to 200 packets per second >> Feb 5 20:39:50 myserver /kernel: Limiting open port RST response from 2= 59 >> to 200 packets per second >> Feb 5 20:39:51 myserver /kernel: Limiting open port RST response from 2= 34 >> to 200 packets per second >> Feb 5 20:39:51 myserver /kernel: Limiting open port RST response from 2= 34 >> to 200 packets per second >> Feb 5 20:39:52 myserver /kernel: Limiting open port RST response from 2= 43 >> to 200 packets per second >> Feb 5 20:39:52 myserver /kernel: Limiting open port RST response from 2= 43 >> to 200 packets per second >> Feb 5 20:39:53 myserver /kernel: Limiting open port RST response from 2= 18 >> to 200 packets per second >> Feb 5 20:39:53 myserver /kernel: Limiting open port RST response from 2= 18 >> to 200 packets per second >> Feb 5 20:39:55 myserver /kernel: Limiting open port RST response from 2= 33 >> to 200 packets per second >> Feb 5 20:39:55 myserver /kernel: Limiting open port RST response from 2= 33 >> to 200 packets per second >> Feb 5 20:39:56 myserver /kernel: Limiting open port RST response from 2= 41 >> to 200 packets per second >> Feb 5 20:39:56 myserver /kernel: Limiting open port RST response from 2= 41 >> to 200 packets per second >> Feb 5 20:39:57 myserver /kernel: Limiting open port RST response from 2= 20 >> to 200 packets per second >> Feb 5 20:39:57 myserver /kernel: Limiting open port RST response from 2= 20 >> to 200 packets per second >> Feb 5 20:39:58 myserver /kernel: Limiting open port RST response from 2= 06 >> to 200 packets per second >> Feb 5 20:39:58 myserver /kernel: Limiting open port RST response from 2= 06 >> to 200 packets per second >> Feb 5 20:40:01 myserver /kernel: Limiting open port RST response from 2= 23 >> to 200 packets per second >> Feb 5 20:40:01 myserver /kernel: Limiting open port RST response from 2= 23 >> to 200 packets per second* >> >> When I stop Squid, everything returns to normal. Any idea what is causin= g >> this. I will appreciate any help. >> >> Thanks >> >> -- >> Alex Dehaini >> Developer >> Site - www.alexdehaini.com >> Email - alexdehaini@gmail.com >> _______________________________________________ >> freebsd-performance@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-performance >> To unsubscribe, send any mail to " >> freebsd-performance-unsubscribe@freebsd.org" >> > > > > -- > the sun shines for all > --=20 Alex Dehaini Developer Site - www.alexdehaini.com Email - alexdehaini@gmail.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4b008f7d0902060724o6817f822ufb3ce8a8f9060fa8>