On Tue, 1 Feb 2011 17:45:52 -0500
Ted Unangst wrote:
> On Tue, Feb 1, 2011 at 4:34 PM, Steve Johnson
> wrote:
> > I had forgotten to also include the sysctl changes that I had made
> > as well, mostly based from calomel.org, which were the following:
> >
> > net.inet.ip.ttl=254
>
> I love this.
Ok, thanks for the tip. I've removed the settings through sysctl, but
unfortunately I still see those alerts being triggered, then mostly resolved
during the next check.
The system seems to have some issues during heavy UDP session bursts (the
monitoring system issues a stream of requests to a cou
sigh.
remove this bullshit and start over.
* Steve Johnson [2011-02-01 22:38]:
> Ok, thanks for the tips. I did not have any ifq drops, but have still just
> increased the net.inet.icmp.errppslimit to 1 (from the 1000 that was
> before and shown below) and will see if that helps anything. Th
On Tue, Feb 1, 2011 at 4:34 PM, Steve Johnson wrote:
> I had forgotten to also include the sysctl changes that I had made as well,
> mostly based from calomel.org, which were the following:
>
> net.inet.ip.ttl=254
I love this. Bigger is better!
Ok, thanks for the tips. I did not have any ifq drops, but have still just
increased the net.inet.icmp.errppslimit to 1 (from the 1000 that was
before and shown below) and will see if that helps anything. Thanks also for
the clarification on the match counter.
I had forgotten to also include t
* Steve Johnson [2011-02-01 20:35]:
> I currently have a system that has no match rule in the ruleset, but that
> uses tables for a big chunk of the traffic, including our monitoring station
> that has a pretty high SNMP request rate. That system has a state table that
> usually stabilizes between
Hi,
I currently have a system that has no match rule in the ruleset, but that
uses tables for a big chunk of the traffic, including our monitoring station
that has a pretty high SNMP request rate. That system has a state table that
usually stabilizes between 15-20K sessions, with a session search
7 matches
Mail list logo
