Subject: weird ipnat problem (on ancient 1.4U)
To: None <email@example.com>
From: Herb Peyerl <firstname.lastname@example.org>
Date: 01/06/2005 10:27:42
so, this is a little weird and I'm probably going to receive a lot of
"upgrade" advice... I'm also not entirely clear whether this is the
right place to put this ....
On with it...
So I have a NetBSD/i386 firewall in front of a webserver/oracle
server/java box/etc ... I have port 80 rdr'd from the external
interface to the port 80 on the internal apache server... This has been
running this way happily for 4 or 5 years generally hovering around
7000 RDR's in the table ...
Recently, as in, since about the middle of december, I've noticed that
the number of RDR's in the table are increasing... as in, they never
seem to get expired away... This is a fairly recent phenomena ...
I can't imagine what's changed... I haven't rebooted the machine in
over a year and it typically has uptimes of 2-3 years... But now, every
few days, I have to flush the NAT tables...
Here's a graph that shows the behavior:
Anyone got any ideas? Did something fundamental change in the world of
http that would be causing this? There's no significant occurences of
any groups of IP addresses or anything ....
I do intend to upgrade the machine in a few weeks, but I'm afraid that
the problem will remain ...