Subject: Re: IPFilter practical limits?
To: Darren Reed <darrenr@NetBSD.org>
From: Patrick Welche <prlw1@newn.cam.ac.uk>
List: tech-kern
Date: 02/27/2007 16:11:28
On Tue, Feb 27, 2007 at 03:50:03PM +0000, Darren Reed wrote:
> On Sat, Feb 17, 2007 at 06:46:19PM +0000, Patrick Welche wrote:
> > On Mon, Mar 27, 2006 at 09:47:14PM +0000, Darren Reed wrote:
> > > When the limits are reached, you'll see a non-zero number next to the
> > > line with "maximum" in it from running "ipfstat -s".
> > 
> > If you do see a number next to the line with "maximum" (as I have just
> > witnessed on our last "network is slow" session) what can you do about
> > it?
> 
> You need to increase the hash table size.
> 
> IPSTATE_SIZE and IPSTATE_MAX are what need to be increased.
> 
> If you're building your own kernel, /sys/dist/ipf/netinet/ip_state.h
> is the file to change.

Is

  ipf -T fr_statemax=...,fr_statesize=...

equivalent? And should I worry about non-zero "max bucket"? e.g.:

IP states added:
        7144663 TCP
        224870 UDP
        134908 ICMP
        1101070506 hits
        7975148 misses
        74 maximum
        0 no memory
        3 max bucket
        74 maximum
        0 no memory
        15749 bkts in use
        27899 active
        0 expired
        25422 closed
State logging enabled

State table bucket statistics:
        15749 in use    
        31.48% bucket usage
        0 minimal length
        7 maximal length
        1.393 average length


Cheers,

Patrick
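As an added example (not part of this mail thread, and not code from NetBSD or IPFilter), the following script parses the `ipfstat -s` output quoted above and turns it into the operational check Darren describes: a non-zero "maximum" counter means the state table limit was hit and the size/max tunables need raising. The sample text is constructed from the figures in the mail; the line format is assumed to be exactly "<number> <label>" as shown there, and the extra thresholds for bucket usage and average chain length are assumptions chosen for illustration, not IPFilter defaults.

```python
"""Parse the state-table section of `ipfstat -s` output and flag tuning signals."""
import re

# Constructed sample, copied from the figures quoted in the mail above.
SAMPLE_IPFSTAT_S = """\
IP states added:
        7144663 TCP
        224870 UDP
        134908 ICMP
        1101070506 hits
        7975148 misses
        74 maximum
        0 no memory
        3 max bucket
        74 maximum
        0 no memory
        15749 bkts in use
        27899 active
        0 expired
        25422 closed
State logging enabled

State table bucket statistics:
        15749 in use
        31.48% bucket usage
        0 minimal length
        7 maximal length
        1.393 average length
"""

# One counter per line: a number (optionally a percentage) followed by its label.
COUNTER_RE = re.compile(r"^\s*([0-9.]+)%?\s+(.+?)\s*$")


def parse_ipfstat_state(text):
    """Return {label: value} for every '<number> <label>' line.

    Labels that occur more than once in the output (e.g. 'maximum') keep the
    largest value seen, which is all the threshold checks below need.
    """
    counters = {}
    for line in text.splitlines():
        m = COUNTER_RE.match(line)
        if not m:
            continue  # section headers such as 'IP states added:' carry no number
        raw, label = m.groups()
        value = float(raw) if "." in raw else int(raw)
        counters[label] = max(value, counters.get(label, 0))
    return counters


def miss_rate(counters):
    """Fraction of state lookups that missed (misses / (hits + misses))."""
    hits = counters.get("hits", 0)
    misses = counters.get("misses", 0)
    total = hits + misses
    return misses / total if total else 0.0


def assess_state_table(counters, usage_warn=0.75, chain_warn=2.0):
    """Return a list of findings. 'maximum > 0' is the signal named in the
    mail; the usage and chain-length thresholds are assumed values."""
    findings = []
    if counters.get("maximum", 0) > 0:
        findings.append(
            "state limit reached %d times: increase the state table size and max "
            "(IPSTATE_SIZE / IPSTATE_MAX)" % counters["maximum"])
    if counters.get("no memory", 0) > 0:
        findings.append(
            "%d state allocations failed for lack of memory" % counters["no memory"])
    usage = counters.get("bucket usage", 0) / 100.0
    if usage >= usage_warn:
        findings.append("hash bucket usage %.1f%% exceeds %.0f%%" % (usage * 100, usage_warn * 100))
    avg_len = counters.get("average length", 0)
    if avg_len >= chain_warn:
        findings.append("average bucket chain length %.2f: hash table is too small" % avg_len)
    return findings


if __name__ == "__main__":
    stats = parse_ipfstat_state(SAMPLE_IPFSTAT_S)
    print("miss rate: %.3f%%" % (miss_rate(stats) * 100))
    for finding in assess_state_table(stats):
        print("WARNING:", finding)
```

In practice you would feed the script live output (`ipfstat -s | python3 check_ipfstate.py`, reading stdin instead of the embedded sample) from a periodic job, so that the "maximum" counter is noticed before the next "network is slow" session rather than during it.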