Problem Tuning Maxsockets
I am trying to alter the number of maxsockets allocated from the default of 2022 to 8192 on a FreeBSD 4.8 box. However, when I try to perform this operation via sysctl I'm informed the oid (kern.ipc.maxsockets) is read only. Does this mean I need to recompile the kernel? I've tried 'options MAXSOCKETS=8192' in a kernel recompile - but that was rejected by the inital parse, so either the option is different to the sysctl name or their is another way to do this? Could someone shed some light? Thanks Colin ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
UDP Problem
I have two freebsd-5.0-release boxes seperated by a wireless link (IPSEC'd with Racoon). Problem is I appear to be getting a lot of socket overflows. Their is a fair bit of traffic flowing across the link (~10 gig/day), but their is a great deal of loss (particually UDP) and I'm wondering if I need to adjust any of the sysctl options - just I'm not entirely sure which - and by how much. Could someone also explain what exacty 'broadcast/multicast datagrams dropped due to no socket' means. Any advice that could be provided would be invaluable. The output from first freebsd box is here (netstat -s): Thanks ! Colin --- tcp: 863815 packets sent 676656 data packets (444829120 bytes) 3523 data packets (2852660 bytes) retransmitted 54 data packets unnecessarily retransmitted 0 resends initiated by MTU discovery 176357 ack-only packets (166875 delayed) 0 URG only packets 0 window probe packets 6902 window update packets 391 control packets 657363 packets received 610862 acks (for 444861509 bytes) 9254 duplicate acks 0 acks for unsent data 205088 packets (44201176 bytes) received in-sequence 33 completely duplicate packets (5120 bytes) 0 old duplicate packets 1 packet with some dup. data (48 bytes duped) 99 out-of-order packets (132536 bytes) 0 packets (0 bytes) of data after window 0 window probes 51 window update packets 0 packets received after close 0 discarded for bad checksums 0 discarded for bad header offset fields 0 discarded because packet too short 190 connection requests 119 connection accepts 0 bad connection attempts 0 listen queue overflows 207 connections established (including accepts) 1151052 connections closed (including 3 drops) 52 connections updated cached RTT on close 52 connections updated cached RTT variance on close 19 connections updated cached ssthresh on close 102 embryonic connections dropped 597633 segments updated rtt (of 597134 attempts) 400 retransmit timeouts 0 connections dropped by rexmit timeout 0 persist timeouts 0 connections dropped by persist timeout 1 keepalive timeout 1 keepalive probe sent 0 connections dropped by keepalive 2483 correct ACK header predictions 3 correct data packet header predictions 119 syncache entries added 0 retransmitted 1 dupsyn 0 dropped 119 completed 0 bucket overflow 0 cache overflow 0 reset 0 stale 0 aborted 0 badack 0 unreach 0 zone failures 0 cookies sent 0 cookies received udp: 626041 datagrams received 0 with incomplete header 0 with bad data length field 0 with bad checksum 10 with no checksum 115 dropped due to no socket 8175 broadcast/multicast datagrams dropped due to no socket 28514 dropped due to full socket buffers 0 not for hashed pcb 589237 delivered 16618821 datagrams output ip: 206977728 total packets received 0 bad header checksums 0 with size smaller than minimum 0 with data size data length 0 with ip length max ip packet size 0 with header length data size 0 with data length header length 0 with bad options 0 with incorrect version number 3434557 fragments received 453 fragments dropped (dup or out of space) 20946 fragments dropped after timeout 1689252 packets reassembled ok 71135803 packets for this host 6 packets for unknown/unsupported protocol 133973109 packets forwarded (0 packets fast forwarded) 13216 packets not forwardable 0 packets received for unknown multicast group 2 redirects sent 17605260 packets sent from this host 0 packets sent with fabricated ip header 15894414 output packets dropped due to no bufs, etc. 0 output packets discarded due to no route 26548319 output datagrams fragmented 53133007 fragments created 0 datagrams that can't be fragmented 0 tunneling packets that can't find gif
ARP Problem - Please Help
Hi, My problem is this (and it's driving me nuts as I can't see the solution). I have two freebsd boxes acting as routers, the layout is like this: Clients (12.20.78.0/25) -(eth0) ROUTER A (eth1)=== (eth1) ROUTER B (eth0) (12.20.65.69) Upstream ISP Internet Router A Configuration: eth0: 12.20.78.1 Subnet 255.255.255.128 eth1: 10.0.0.1 Subnet 255.255.255.0 Router B Configuration: eth0: 12.20.65.70 Subnet 255.255.255.252 eth1: 10.0.0.2 Subnet 255.255.255.0 The private IP's denote an IPSEC VPN connection (Wireless) between ROUTER A B, all the client PC's are on public IP's. Now, the VPN works perfectly, encrypting the packets over the wireless link, however ROUTER A's eth0 interface does not appear in the arp -a lookup: ? (10.0.0.1) at 00:05:5d:a6:15:78 on eth1 permanent [ethernet] ? (10.0.0.2) at 00:c0:dd:ea:ac:5c on eth1 [ethernet] ? (12.20.78.0) at ff:ff:ff:ff:ff:ff on eth0 permanent [ethernet] ? (12.20.78.2) at 00:0c:cd:53:d9:f3 on eth0 [ethernet] ? (12.20.78.42) at 00:9a:17:90:d3:b4 on eth0 [ethernet] ? (12.20.78.52) at 00:2b:18:2e:22:21 on eth0 [ethernet] ? (12.20.78.127) at ff:ff:ff:ff:ff:ff on eth0 permanent [ethernet] If I try and force the entry, I receive the following error: routera# arp -s 12.20.78.1 00:0c:5d:e6:16:75 set: can only proxy for 12.20.78.1 The big problem this is causing is that clients cannot ping the gateway, and it responds to no requests (i.e I can't ssh into it), but it still forwards packets perfectly. Basically it's like 12.20.78.1 was invisible. The other strange thing is, that if I ssh into ROUTER B and ping 12.20.78.1 I receive replies: routerb# ping 12.20.78.1 PING 12.20.78.1 (12.20.78.1): 56 data bytes 64 bytes from 12.20.78.1: icmp_seq=0 ttl=64 time=3.577 ms 64 bytes from 12.20.78.1: icmp_seq=1 ttl=64 time=3.724 ms 64 bytes from 12.20.78.1: icmp_seq=2 ttl=64 time=3.817 ms ^C --- 12.20.78.1 ping statistics --- 3 packets transmitted, 3 packets received, 0% packet loss round-trip min/avg/max/stddev = 3.577/3.706/3.817/0.099 ms The output of ROUTER B's arp table is displayed below: ? (10.0.0.1) at 00:05:5d:a6:15:78 on eth1 [ethernet] ? (10.0.0.2) at 00:c0:dd:ea:ac:5c on eth1 permanent [ethernet] ? (12.20.65.69) at 00:d0:03:ba:bb:fc on eth0 [ethernet] I am completely at a loss as to how to get around this problem. Any help or advice would be really great as I've spend the past 3 days, and the floor is littered with tufts of hair ;) Just incase this is any help, this is the output from setkey -DP (For encrypting the packets across the 10.0.0.x link) on each router: ROUTER A: 0.0.0.0/0[any] 12.20.78.0/25[any] any in ipsec esp/tunnel/10.0.0.2-10.0.0.1/require spid=2 seq=1 pid=778 refcnt=1 12.20.78.0/25[any] 0.0.0.0/0[any] any out ipsec esp/tunnel/10.0.0.1-10.0.0.2/require spid=1 seq=0 pid=778 refcnt=1 ROUTER B: 12.20.78.0/25[any] 0.0.0.0/0[any] any in ipsec esp/tunnel/10.0.0.1-10.0.0.2/require spid=8 seq=1 pid=24377 refcnt=1 0.0.0.0/0[any] 12.20.78.0/25[any] any out ipsec esp/tunnel/10.0.0.2-10.0.0.1/require spid=7 seq=0 pid=24377 refcnt=1 Please help!!! :)) Many Thanks Colin Watson (Nearly bald guy) ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Gif Problem
I'm running freebsd 5.0, and trying to setup a VPN tunnel between two boxes. However, I'm having some problems getting a gif tunnel working - the setup looks like this: Box-A ed0: 10.0.0.2 rl0:81.17.78.1 Box-B aue0: 10.0.0.1 rl0:81.17.78.81 Now, I've added the following lines to rc.conf to preconfigure the gif interface: gif_interfaces=gif0 ifconfig_gi ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]