Hi all,
Today i googled a little and found someone saying that this problem
could be something related with exhaustion of mbuf's. Then i executed a
netstat -m im my test firewall, which was running with sticky-address,
and it was with it's mbuf's ok. Then i used the sticky-address in my
main firewall, and the mbuf's were even with a lower usage than in my
test firewall. Seriously, i don't know where to look. There is some
problem with the network cards being in the same IRQ address?
Also, something very weird happened while using my test firewall. One
machine behind it, was assigned to an specific gateway, with a source
track entry not expired and with stated and connections. Then, i don't
know why, the machine started get it's packets sent through the other
gateway. When i pinged some internet ip address, it returned to me some
messages about the next hop being redirected to the other gateway (not
the one in the source track entry) but, it did not lost it's internet
connectivity.
I also want to know if the sticky-address with round-robin is the most
recommend for my case. I can't use source-hash, because i do have 2
different ADSL providers, with 2 ADSL modems, each on an interface.
Also, i want to know if trunk would solve my problem in this case.
Thanks in advance,
--
Giancarlo Razzolini
Linux User 172199
Moleque Sem Conteudo Numero #002
Slackware Current
OpenBSD Stable
Snike Tecnologia em Informatica
4386 2A6F FFD4 4D5F 5842 6EA0 7ABE BBAB 9C0E 6B85
[demime 1.01d removed an attachment of type application/pgp-signature which had
a name of signature.asc]
