Subject: Re: IPFilter practical limits?
To: Patrick Welche <prlw1@newn.cam.ac.uk>
From: Patrick Welche <prlw1@newn.cam.ac.uk>
List: tech-kern
Date: 02/17/2007 19:56:45

On Sat, Feb 17, 2007 at 06:46:19PM +0000, Patrick Welche wrote:
> On Mon, Mar 27, 2006 at 09:47:14PM +0000, Darren Reed wrote:
> > When the limits are reached, you'll see a non-zero number next to the
> > line with "maximum" in it from running "ipfstat -s".
> 
> If you do see a number next to the line with "maximum" (as I have just
> witnessed on our last "network is slow" session) what can you do about
> it?

So "maximum" corresponds to fr_statemax being full? So the answer is
increase fr_statemax and fr_statesize to prime numbers with
fr_statemax ~= 0.7 fr_statesize.

I assume that if this is wrong, someone will tell me...

Cheers,

Patrick
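
The check and the sizing rule discussed in this thread, as an added shell example that is not part of the original message or of IPFilter. The function names are hypothetical, the sample text is constructed, and the sizing follows the rule of thumb as the message states it (prime values, fr_statemax about 0.7 of fr_statesize).

```shell
# Added example, not from the original message; function names are hypothetical.
# Reads `ipfstat -s` text on stdin and prints the number on the "maximum" line.
state_max_hits() {
    awk '/maximum/ { for (i = 1; i <= NF; i++) if ($i ~ /^[0-9]+$/) { n = $i; break } }
         END { print n + 0 }'
}

# Succeed if $1 is prime (trial division is enough for table-sized numbers).
is_prime() {
    n=$1
    [ "$n" -ge 2 ] || return 1
    d=2
    while [ $((d * d)) -le "$n" ]; do
        [ $((n % d)) -ne 0 ] || return 1
        d=$((d + 1))
    done
    return 0
}

# Print the smallest prime greater than or equal to $1.
next_prime() {
    p=$1
    until is_prime "$p"; do p=$((p + 1)); done
    echo "$p"
}

# Given the smallest acceptable fr_statesize, print "fr_statesize fr_statemax":
# a prime table size and the first prime at or above 70% of it.
suggest_sizes() {
    size=$(next_prime "$1")
    max=$(next_prime $((size * 7 / 10)))
    echo "$size $max"
}

# Constructed sample, not captured output; only the "maximum" line matters.
# On a live system: hits=$(ipfstat -s | state_max_hits)
sample='IP states added:
        1200 TCP
        300 UDP
        42 maximum
        0 no memory'

hits=$(printf '%s\n' "$sample" | state_max_hits)
if [ "$hits" -gt 0 ]; then
    echo "state limit reached $hits times; candidate sizes: $(suggest_sizes 20000)"
fi
```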