On 1/23/07, Max Laier <[EMAIL PROTECTED]> wrote:
On Tuesday 23 January 2007 13:09, Eduardo Meyer wrote:
> Please, see: > > # pfctl -s memory > states hard limit 5000 > src-nodes hard limit 10000 > frags hard limit 2500 > > # pfctl -s info | grep "current entries" > current entries 13770 > > What am I confusing here, or this really should not happen? What does "vmstat -z | grep ^pf" give? A quick check here suggests that this might be a problem in the zone(9) allocator as the limit is correctly propergated to the the uma zone in question, but not enforced it seems.
Max, thanks for asking. Here it's what the command returns # vmstat -z | grep ^pf pfsrctrpl: 100, 10023, 0, 78, 77 pfrulepl: 604, 0, 140, 88, 17555 pfstatepl: 260, 5010, 8096, 1879, 38569766 pfaltqpl: 128, 0, 0, 0, 0 pfpooladdrpl: 68, 0, 72, 152, 8534 pfrktable: 1240, 0, 5, 4, 89 pfrkentry: 156, 0, 10, 40, 481 pfrkentry2: 156, 0, 0, 0, 0 pffrent: 16, 2639, 0, 0, 0 pffrag: 48, 0, 0, 0, 0 pffrcache: 48, 10062, 0, 0, 0 pffrcent: 12, 50141, 0, 0, 0 pfstatescrub: 28, 0, 0, 0, 0 pfiaddrpl: 92, 0, 12, 114, 260 pfospfen: 108, 0, 345, 51, 22770 pfosfp: 28, 0, 188, 193, 12408 Right now I have some fewer sessions: # pfctl -s info | grep "current entries" current entries 8306 But way higher than the configured limit of 5k. -- =========== Eduardo Meyer pessoal: [EMAIL PROTECTED] profissional: [EMAIL PROTECTED] _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-pf To unsubscribe, send any mail to "[EMAIL PROTECTED]"
