On Jul 17, 2008, at 12:44 PM, Sean Chittenden wrote:
-messages is full of:
Limiting open port RST response from 441 to 200 packets/sec
Limiting open port RST response from 488 to 200 packets/sec
Limiting open port RST response from 399 to 200 packets/sec
Limiting open port RST response from 434 to 200 packets/sec
Limiting open port RST response from 308 to 200 packets/sec
I'm not sure if that's related or not.
Likely not, but you want to set net.inet.icmp.icmplim=2000 or
something much higher. ICMP is a good thing and an important part
of TCP. For that much traffic, you need more ICMP packets.
net.inet.tcp.recvspace seems high, you probably only want it to be
4096 or maybe double that.... unless your traffic is all HTTP
posts. Why don't you want to run with accept filters? Any
firewalls or rate filters in the way? -sc
The httpready filter was just off for debugging (in case it solved our
problem) - it didn't seem to affect it, so it's back on now.
There are a lot of large HTTP posts happening, and we don't seem to be
low on memory, so recvspace should be ok. somaxconn is also much
higher than necessary, though, so maybe that could be a problem.
Anyway, raising icmplim has emptied the system log, but there are
still several errors per minute. I don't think any of the netstat -s
counters are going up at the same rate, but I'll keep looking at those.
And there's no firewalls or packet shapers in front of it.
_______________________________________________
freebsd-performance@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-performance
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
