On Fri, 26 May 2006, Steve Phillips wrote:
Date: Fri, 26 May 2006 15:36:31 +1200
From: Steve Phillips <[EMAIL PROTECTED]>
To: [email protected]
Subject: Re: State table problems?
Peter Eisch wrote:
On 5/25/06 10:23 AM, "Jeff A. Earickson" <[EMAIL PROTECTED]> wrote:
All,
Stoopid question, but I couldn't find anything in Phil's FAQ,
the archives, or googling.
* How can I tell if my state table is full or near-full or in trouble?
------ Forwarded Message
From: Darren Reed <[EMAIL PROTECTED]>
Date: Mon, 27 Mar 2006 21:47:14 +0000
To: Peter Eisch <[EMAIL PROTECTED]>
Cc: [EMAIL PROTECTED]
Subject: Re: IPFilter practical limits?
Should there have been a message somewhere that the insert into the state
table failed or there was no more memory available?
When the limits are reached, you'll see a non-zero number next to the
line with "maximum" in it from running "ipfstat -s".
------ End of Forwarded Message
So you are saying that any value that is non-zero next to maximum shows a
state table that has reached its limits ?
I have three different numbers on three different yet identical servers and
am trying to figure out what the maximum value would actually be.
So which one is right ?
Server 1
bash-2.03# ipfstat -s
IP states added:
646374 TCP
3719 UDP
3 ICMP
96767577 hits
1503033 misses
843934 maximum
0 no memory
95 bkts in use
638666 active
3720 expired
7710 closed
I think Peter was talking about version 4.x output of "ipfstat -s".
Yours is version 3.x output, version 4.1.x output looks like so:
# ipfstat -s
IP states added:
1999185 TCP
5877243 UDP
28912 ICMP
2026447415 hits
8408737 misses
0 maximum <== What Peter mentioned, right?
0 no memory
1783 bkts in use
2621 active
5906064 expired
1996655 closed
State logging enabled
State table bucket statistics:
1783 in use
31.08% bucket usage
0 minimal length
10 maximal length
1.470 average length
The differences are doubling confusing... This topic does deserve
an FAQ entry and maybe an EXAMPLE section in the ipfstat manpage.
Thanks for your reply Peter.
Jeff Earickson
Colby College
