ipf/ipnat no memory problem
João Assad
jfassad at parperfeito.com.br
Wed Jun 11 11:52:17 PDT 2003
Hello guys,
Does anybody have a clue on how to solve this problem ?
firewall# ipfstat -s
IP states added:
8950710 TCP
24299 UDP
4134 ICMP
1592473870 hits
3165269525 misses
6 maximum
650 no memory
9215 bkts in use
11005 active
29606 expired
8939070 closed
firewall# ipnat -s
mapped in 913470782 out 1028719022
added 59149802 expired 59056159
no memory 129676 bad nat 0
inuse 93643
rules 38
wilds 0
firewall#
I am getting "no memory" in both ipf and ipnat.
CPU: Pentium III/Pentium III Xeon/Celeron (802.72-MHz 686-class CPU)
real memory = 134217728 (131072K bytes)
avail memory = 127221760 (124240K bytes)
---------Relevant configurations----------
In /usr/src/sys/contrib/ipfilter/netinet/ip_state.h :
# define IPSTATE_SIZE 30011
# define IPSTATE_MAX 21011 /* Maximum number of states held */
Kernel options:
maxusers 0
options IPFILTER
options IPFILTER_LOG
options IPFILTER_DEFAULT_BLOCK
options IPSTEALTH
options VM_KMEM_SIZE_SCALE="2"
I dont have the netstat -m output of my peak time which is when the problem
occurs, but right now its:
firewall# netstat -m
269/912/6016 mbufs in use (current/peak/max):
269 mbufs allocated to data
265/594/1504 mbuf clusters in use (current/peak/max)
1416 Kbytes allocated to network (31% of mb_map in use)
0 requests for memory denied
0 requests for memory delayed
0 calls to protocol drain routines
I would appreciate it if someone can give me some help in this issue, Im
completely in the dark right now.
Best regards,
--
João Assad
ParPerfeito Comunicação LTDA
http://www.parperfeito.com.br/
More information about the freebsd-isp
mailing list