Network Interface 'overload' in 4.11

Jim Durham durham at
Thu Aug 18 16:14:42 GMT 2005


This is the 2nd or 3rd time I have seen this and wondered if 
there is a solution.

Recently, one of our 4.11 servers that we had just installed at 
one of our offices with about 50 users got extremely slow and 
non-responsive after a few hours of operation.  I was unable to 
do an ssh login to this box, but it stayed up according to 
people on the scene.

This box is running natd with the usual setup, an outside 
interface hooked to a T1 with the outside IP and the local LAN 
hooked up through switches to the inside interface with a class 
C private network with  192.168.x.x addresses, handing out DHCP 
over that interface.

My assistant was on scene and got on the phone with me when this 
happened and confirmed that the box was up and responsive to 
console commands.  I asked him to pull the ethernet to the 
inside interface. Instantly, I was able to ssh in to the outside 
address and the web server on the box became responsive again.

Then we put the cable back and I tried tcpdump to see where the 
'overload' was coming from. tcpdump showed virtually no traffic 
on the inside interface. We resorted to going through the 
switches and looked for a link light that was flickering the 
most, pulled out that cable, which went to only one Windows box 
and the whole network returned to normal.

Now, this box was somehow spewing packets at a high enough rate 
(it's a 1ghz inside network) to 'shut down' the 4.11 server's 
networking.  This is obviously not a good situation. It looks 
like the interface was dropping almost all packets at that 

I had this same problem a year or two ago with a 4.x box. At that 
time I tried playing with various sysctls.  I had no real luck.

Does anyone have any experience with this phenomenum and can you 
suggest a cure?

Thanks very much,


More information about the freebsd-questions mailing list