Res: Res: Res: Dropped Packets
Chris Marlatt
cmarlatt at rxsec.com
Fri Mar 7 22:56:31 UTC 2008
Lorenz Helleis wrote:
> Indeed, do you have any min & max number for bps and pps for this
> firewall's internal and external interfaces? On which interface are you
> dropping the packets?
>
> Regards,
>
> Chris
>
>
>
> 300Mbps and 20.000 pps. But i will do a biggest firewall.
>
> This is an internal firewall... I think the entry in the table session is desapearing, so the client needs to make another conection. I´m thinking about create a stateless rule.
>
Do the machines generating the traffic have multiple paths?
The only time I've really seen pf have problems with sessions is when
the devices send and receive traffic via different paths or multiple
paths (i.e. traffic comes in via firewall01 but goes out firewall02 and
firewall01 and firewall02 do not implement pfsync).
Regards,
Chris
More information about the freebsd-pf
mailing list