On Fri, Mar 25, 2011 at 3:37 AM, Kleber Rocha <kli...@gmail.com> wrote: > Hi, > > I have two openbsd box with pf as firewall, with heavy load I get this error > on message: > > Mar 24 19:13:29 fw01 /bsd: WARNING: mclpools limit reached; increase > kern.maxclusters > > But, both firewalls crash, How can I fix this? > > Thanks > > My sysctl.conf is configured like this: > kern.maxfiles=65536 > # Multipath > net.inet.ip.multipath=1 > > # carp > net.inet.carp.allow=1 > net.inet.carp.log=1 > net.inet.carp.preempt=1 > #net.inet.carp.arpbalance=1 > > net.inet.tcp.recvspace=262144 > net.inet.tcp.sendspace=262144 > net.inet.udp.recvspace=262144 > net.inet.udp.sendspace=262144 > > net.inet.tcp.keepinittime=150 > #net.inet.tcp.keepinittime=10 > net.inet.tcp.keepidle=14400 > #net.inet.tcp.keepidle=30 > net.inet.tcp.keepintvl=150 > #net.inet.tcp.keepintvl=30 > net.inet.tcp.rstppslimit=100 > #net.inet.tcp.rstppslimit=400 > net.inet.ip.redirect=1 > #net.inet.ip.redirect=0 > net.inet.ip.maxqueue=300 > #net.inet.ip.maxqueue=1000 > kern.somaxconn=128 > #kern.somaxconn=256 > net.inet.ip.ifq.maxlen=256 > kern.maxclusters=262144 >
And may be of some interest to know where did you get those recommendations? Smells like calomel.org or similar
