Re: PF Problems

To: Steve Pribyl <spribyl%peel.com@localhost>
Subject: Re: PF Problems
From: Patrick Welche <prlw1%cam.ac.uk@localhost>
Date: Fri, 17 Jul 2009 13:28:57 +0100

On Thu, Jul 16, 2009 at 09:32:55PM -0500, Steve Pribyl wrote:
> I am using NetBSD 4.0 with Carp and pf.
> The problem is pf works great for a while then starts to not work,
> slow, refuses pings, forwarding, etc in a random way.
> 
> So, I need so suggestions on how to debug this or even if someone
> has seen or heard of this before.

Roughly how many hosts have you got on your network? Are you using
network address translation?

Just guessing: many many connections all holding state, state table becomes
full so no more new connections allowed through. Some connection finishes,
so now there is room for a new one, so "randomly" works again...

pfctl -s all

Should show what is going on... My impression though is that defaults are
fine for hundreds of hosts, so check through your rules?

Cheers,

Patrick

Follow-Ups:
- Re: PF Problems
  - From: Steve Pribyl

References:
- PF Problems
  - From: Steve Pribyl

Prev by Date: Re: using dhcpcd-gtk and wpa_gui questions
Next by Date: Re: using dhcpcd-gtk and wpa_gui questions
Previous by Thread: PF Problems
Next by Thread: Re: PF Problems
Indexes:

Home | Main Index | Thread Index | Old Index