Hi,
Thanks a lot for your message.
> Look at sysctl net.inet.ip.ifq, bump maxlen until drops stops
> increasing. I'd try 250 for starters.
I followed your suggestion. It did help to reduce the frequency
of this kind of event. The drops seem to have stopped at 300.
net.inet.ip.ifq.len=0
net.inet.ip.ifq.maxlen=300
net.inet.ip.ifq.drops=0
However, the problem did not go away altogether. I would like to
know if it has anything to do with the "memory" or "state
mismatch" statistics below:
# pfctl -si
Status: Enabled for 2 days 01:50:25 Debug: Urgent
Interface Stats for sk0 IPv4 IPv6
Bytes In 75871531127 0
Bytes Out 43600578884 64
Packets In
Passed 85942323 0
Blocked 136001 0
Packets Out
Passed 71218283 1
Blocked 11063 0
State Table Total Rate
current entries 3029
searches 315805379 1760.1/s
inserts 3676897 20.5/s
removals 3673868 20.5/s
Counters
match 4838591 27.0/s
bad-offset 0 0.0/s
fragment 276 0.0/s
short 11 0.0/s
normalize 11 0.0/s
memory 131423 0.7/s
bad-timestamp 0 0.0/s
congestion 0 0.0/s
ip-option 0 0.0/s
proto-cksum 7912 0.0/s
state-mismatch 26192 0.1/s
state-insert 84 0.0/s
state-limit 0 0.0/s
src-limit 0 0.0/s
synproxy 15113 0.1/s
Kind regards,
Jeff.
--
We've Got Your Name at http://www.mail.com!
Get a FREE E-mail Account Today - Choose From 100+ Domains
