* Russell Fulton <[EMAIL PROTECTED]> [2007-10-25 07:44]: > I note that "memory" counter is going up at a rate of 0.1/s. My > understanding is that this counter is stepped when pf fails to get > memory for a state entry but we are no where near the state limit:
it goes up when pf cannot get memory for something, or something that is somewhat related to memory. grep for PFRES_MEMORY in /usr/src/sys/net. actually, I take that partially back. in 4.2, all PFRES_MEMORY are caused by pool_get failures, except one which is a failing m_copym (and thus a memory error too). the state limit is not too related to that. you can see memory shortage way below your set state limit. I'd say chances are good that 4.2 solves that for you. I bet most of tehse are from memory allocations for pf tags. They are not allocated in 4.2 any more. > Even more of a worry is the congestion counter is at 0.6/s and worse it that is not necessarily a problem. if net.inet.ip.ifq.maxlen is at 50 on your box, 4.2 will solve that too :) (ok. you can just bump it manually too. 4.2 defaults to 256) -- Henning Brauer, [EMAIL PROTECTED], [EMAIL PROTECTED] BS Web Services, http://bsws.de Full-Service ISP - Secure Hosting, Mail and DNS Services Dedicated Servers, Rootservers, Application Hosting - Hamburg & Amsterdam
