Res: Dropped Packets

Lorenz Helleis lorenzhelleis at yahoo.com.br
Mon Mar 10 13:50:48 UTC 2008


Please correct me if I'm reading this incorrectly. But it sounds like 
you're saying the firewalls worked fine until you implemented pfsync, is 
this correct?

You read incorrecly,  evertything is OK with pfsync

If so try backing out of that to isolate that change and confirm this. 
I've seen pfsync packets either by lost of "slow" in synchronizing with 
the other firewall and as a result state mismatching occurring on the 
secondary firewall (if both are active - i.e. arp balance). If you're 
using that try disabling it and see if there is an improvement.

Also, have you made any modifications to sysctl.conf and loader.conf? If 
so please post them here.


everthing was ok until we start tomake backups passing through the firewall.  The only thing that Ichange AFTER the problem was:

ADD this line on sysctl.conf: 

net.inet.ip.ifq.maxlen=1024

but it didn't solve the problem.

 

Lorenz.



      Abra sua conta no Yahoo! Mail, o único sem limite de espaço para armazenamento!
http://br.mail.yahoo.com/


More information about the freebsd-pf mailing list