hello. i am experiencing some packets losts during traffic peaks, which i am unable to explain. i hope someone on the list is wiser than me.
the setup: a p3/533 Mhz/256 MiB machine running SuSE 7.2, 2.4.16 kernel providing proxy and firewall services for a cca. 70 machines subnetwork, with three 3com 905 network cards, only two used right now. a fairly long rule list (up to 3200 lines in custom chains referrenced from the forward chain). and i can't change this list :) the problem: each night, the 70 PC send a status report. the complete report consists of 7 packets sent by the PC (and of course answers to these packets). however, all PC try to send the record in the same time (during cca 5 seconds). and when the firewall is enabled, up to 15 of them fail to send the report. the whole process is automated, and beyond my powers. i cannot change the way and the time when the status reports are sent. however, it is required that all PCs send their reports. the problem cannot be attributed to hardware. when the packet filtering is switched off, all PCs succeed to send their reports. so, it has to be connected with the performance of netfilter. talking about packet filtering, the rule which allows the reports to be sent is 5th from the top (and cannot be higher), so the total number of rules (which i admit is big) should not matter. it's the first time i saw something like this happen. that a computer like this is unable to handle a peak traffic of cca 70x7x2 packets. anybody has some ideas or comments? some queues i failed to adjust? or other settings? i am planning to upgrade to the latest kernel version, may be that will help... thanks in forward. j. -- _______________________________________________________________________________ >[EMAIL PROTECTED]< >http://www.oracle.com/cz/<
msg01272/pgp00000.pgp
Description: PGP signature
