Network Interface 'overload' in 4.11
durham at jcdurham.com
Thu Aug 18 16:14:42 GMT 2005
This is the 2nd or 3rd time I have seen this and wondered if
there is a solution.
Recently, one of our 4.11 servers that we had just installed at
one of our offices with about 50 users got extremely slow and
non-responsive after a few hours of operation. I was unable to
do an ssh login to this box, but it stayed up according to
people on the scene.
This box is running natd with the usual setup, an outside
interface hooked to a T1 with the outside IP and the local LAN
hooked up through switches to the inside interface with a class
C private network with 192.168.x.x addresses, handing out DHCP
over that interface.
My assistant was on scene and got on the phone with me when this
happened and confirmed that the box was up and responsive to
console commands. I asked him to pull the ethernet to the
inside interface. Instantly, I was able to ssh in to the outside
address and the web server on the box became responsive again.
Then we put the cable back and I tried tcpdump to see where the
'overload' was coming from. tcpdump showed virtually no traffic
on the inside interface. We resorted to going through the
switches and looked for a link light that was flickering the
most, pulled out that cable, which went to only one Windows box
and the whole network returned to normal.
Now, this box was somehow spewing packets at a high enough rate
(it's a 1ghz inside network) to 'shut down' the 4.11 server's
networking. This is obviously not a good situation. It looks
like the interface was dropping almost all packets at that
I had this same problem a year or two ago with a 4.x box. At that
time I tried playing with various sysctls. I had no real luck.
Does anyone have any experience with this phenomenum and can you
suggest a cure?
Thanks very much,
More information about the freebsd-questions