On 14/10/2011 19:58, Gavin Atkinson wrote: >> > 3. PF doesn't expire state. The state table on my older host (pre >> > OpenBSD-4.5) has the following stats: >> > >> > Status: Enabled for 0 days 00:37:17 Debug: Urgent >> > State Table Total Rate >> > current entries 169546 >> > searches 94387451 42193.8/s >> > inserts 4012389 1793.6/s >> > removals 3842843 1717.9/s >> > >> > The 9-BETA3 host's current entries exactly match the number >> > of inserts until it hits the hard limit of 1.5M entries and >> > can add no more. It takes about 10 minutes to fill up and >> > then no new flows are routed. > I've seen a few reports of this, and it's quite concerning. Please, can > you submit this as a PR? For tracking, this was a previous report with apparently a temporary workaround. http://lists.freebsd.org/pipermail/freebsd-pf/2011-October/006333.html I have a stable-9 virtual machine i can test on if needed but I have pf loaded as a module at the moment so dont have the issue. VinceReceived on Fri Oct 14 2011 - 18:04:27 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:40:19 UTC