Current-Users archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: npf bug(?)
On Sun, 9 Apr 2017, Christos Zoulas wrote:
Perhaps you get a lot of dup fragments? netstat -s should show you the
stack's reassembly and fragment stats. Perhaps those agree with what
npf shows?
Currently the patch is active. That's why I have no npf statistics. The
netstat statistics seem to me credible.
If npf checks the fragmentation, then the counters of npf and the ip stack
run parallel? Or are the ip stack only counted the packets the npf leaves?
netstat -s shows:
ip:
413339977 total packets received
0 bad header checksums
0 with size smaller than minimum
0 with data size < data length
0 with length > max ip packet size
0 with header length < data size
0 with data length < header length
0 with bad options
0 with incorrect version number
1795 fragments received
0 fragments dropped (dup or out of space)
0 fragments dropped (out of ipqent)
335 malformed fragments dropped
440 fragments dropped after timeout
636 packets reassembled ok
410154493 packets for this host
35 packets for unknown/unsupported protocol
10 packets forwarded (6 packets fast forwarded)
3183945 packets not forwardable
0 redirects sent
0 packets no matching gif found
218900862 packets sent from this host
0 packets sent with fabricated ip header
0 output packets dropped due to no bufs, etc.
0 output packets discarded due to no route
31819922 output datagrams fragmented
33505129 fragments created
0 datagrams that can't be fragmented
0 datagrams with bad address in header
Regards
Uwe
Home |
Main Index |
Thread Index |
Old Index