On Sat, Sep 11, 2010 at 09:27:51AM -0600, Andy Bradford wrote:
> Thus said Claudio Jeker on Sat, 11 Sep 2010 11:28:31 +0200:
>
> > Wrong UDP is normaly not a fully defined 4 touple. Especially the
> > listening sockets (on port 53) can be slammed with packets. On the
> > other hand, if th
* Martin Pelikan [2010-09-09 12:24]:
> It depends on what do you need. The defaults suffice for most cases,
> but on our most loaded router we use tcp both 256k and udp send space
which is bullshit on a router, since rcv/send space is for sockets and
irrelevant for forwarded traffic - no sockets
Thus said Claudio Jeker on Sat, 11 Sep 2010 11:28:31 +0200:
> Wrong UDP is normaly not a fully defined 4 touple. Especially the
> listening sockets (on port 53) can be slammed with packets. On the
> other hand, if the recvbuffer overflows then packets just get dropped.
Thank you for the
On Fri, Sep 10, 2010 at 08:20:30PM -0600, Andy Bradford wrote:
> Thus said Claudio Jeker on Fri, 10 Sep 2010 21:36:16 +0200:
>
> > Because on busy servers you need to queue quite a few packets to
> > handle bursts.
>
> I was under the impression that UDP is connectionless and therefore
Thus said Claudio Jeker on Fri, 10 Sep 2010 21:36:16 +0200:
> Because on busy servers you need to queue quite a few packets to
> handle bursts.
I was under the impression that UDP is connectionless and therefore
does not behave the same as a TCP connection. I would guess that
s
Martin Pelik??n [martin.peli...@gmail.com] wrote:
> 2010/9/10, Chris Cappuccio :
> > Stop using ALTQ on your DNS server, perhaps? That may be what is causing
> > the back-pressure that you're seeing.
>
> Why do you think it would help? Those lots of packets would arrive
> anyway, only the decent
2010/9/10, Chris Cappuccio :
> Stop using ALTQ on your DNS server, perhaps? That may be what is causing
> the back-pressure that you're seeing.
Why do you think it would help? Those lots of packets would arrive
anyway, only the decent user will wait longer for his website to load.
Fortunately alt
Martin Pelik??n [martin.peli...@gmail.com] wrote:
> 2010/9/10, Andy Bradford
> :
> > Why would you need 65k UDP for DNS? Almost all UDP based DNS responses
> > are under 512 bytes, those that are larger are required to set the
> > truncated bit and the client restart the query using TCP.
>
On Fri, Sep 10, 2010 at 08:35:04AM -0600, Andy Bradford wrote:
> Thus said =?UTF-8?Q?Martin_Pelik=C3=A1n?= on Thu, 09 Sep 2010 12:21:17 +0200:
>
> > It depends on what do you need. The defaults suffice for most cases,
> > but on our most loaded router we use tcp both 256k and udp send space
> >
2010/9/10, Andy Bradford
:
> Why would you need 65k UDP for DNS? Almost all UDP based DNS responses
> are under 512 bytes, those that are larger are required to set the
> truncated bit and the client restart the query using TCP.
We have probably too many wild users because the logs were fl
Thus said =?UTF-8?Q?Martin_Pelik=C3=A1n?= on Thu, 09 Sep 2010 12:21:17 +0200:
> It depends on what do you need. The defaults suffice for most cases,
> but on our most loaded router we use tcp both 256k and udp send space
> 65k (lots of dns). Just test it somewhere.
Why would you need 65k UDP
2010/9/10, Stuart Henderson :
> these affect traffic sourced from the box itself, *not* routed through it.
We had to do quite extensive link testing because of strange packet
loss on the SDH circuit. The buffer sizes really mattered :-) But
thanks to the information as the link appears to be okay
On 2010-09-09, Martin Pelik??n wrote:
> 2010/9/9, Joe Warren-Meeks :
>> recv/send:
>> net.inet.tcp.recvspace=16384
>> net.inet.udp.recvspace=41600
>> j...@f1:/home/joe> sysctl -a |grep send
>> net.inet.tcp.sendspace=16384
>> net.inet.udp.sendspace=9216
>>
>>
>> Too low? What is a good value for th
Joe Warren-Meeks wrote:
Hey guys,
I'm running two HPDL360 G5 servers with OpenBSD 4.6+carp+pf+pfsync as
an active/passive firewall pair.
Both are running: (full dmesg at bottom, along with edited pf.conf, in
case it's relevant)
j...@f2:/home/joe> uname -a
OpenBSD f2 4.6 GENERIC.MP#81 amd64
I'
2010/9/9, Joe Warren-Meeks :
> Well, the machine has 6Gb of RAM and is only pushing 10Mbit/s of
> traffic at peak. It does need to maintain a largeish state table, as
> it is predominatly web traffic, but I've run much much larger and
> busier sites behind much smaller hardware with the same config
2010/9/9 Martin Pelikan :
Hello Martin,
> I thought the same when I played with TCP buffers set to 1M and after
> some heavy load tests I went out of RAM quite soon :-) The machine had
> 2G.
Well, the machine has 6Gb of RAM and is only pushing 10Mbit/s of
traffic at peak. It does need to maintai
2010/9/8, Joe Warren-Meeks :
> I've had a weird problem happen twice now. It seems after about 4 - 6
> weeks of running very happily, both servers lock up completely at the
> same time. Both consoles show no error messages, but the cursor is
> blinking away happily. Neither console will take any in
Hey guys,
I'm running two HPDL360 G5 servers with OpenBSD 4.6+carp+pf+pfsync as
an active/passive firewall pair.
Both are running: (full dmesg at bottom, along with edited pf.conf, in
case it's relevant)
j...@f2:/home/joe> uname -a
OpenBSD f2 4.6 GENERIC.MP#81 amd64
I've had a weird problem hap
18 matches
Mail list logo
