of state.
This is very common in load balances, of layer3.
Thanks!
--
Diego Linke
Public Key: http://www.gamk.com.br/gamk.asc
Alexey,
have you tried source-hash option instead of source tracking?
The option source-hash, would not function therefore goes to have
problem the same Source expirations.
--
Diego Linke
Public Key: http://www.gamk.com.br/gamk.asc
Alexey,
is here do not share session means originate each session from
different IP address?
Not! The problem is when I erase a server of mine load I balance and it
continues sending connection in this server.
--
Diego Linke
Public Key: http://www.gamk.com.br/gamk.asc
(time sucifiente for state to be extinguished)
and later reusing the system.
PS: This happens with some applications of my customers.
Thanks!
--
Diego Linke
Public Key: http://www.gamk.com.br/gamk.asc
Alexey,
$ sudo pfctl -sa | grep tcp.established
tcp.established 86400s
I work with firewalls with high traffic and have that to work with
parameters well more aggressive of timeouts.
--
Diego Linke
Public Key: http://www.gamk.com.br/gamk.asc
which you busted manually by src.track. i think you
should try less complicated setup without src.track.
In this case to keep in the same serving I will have that to leave the
values of very great tcp.closing and tcp.closed, keeping in firewall
states unnecessary.
Thanks!!
--
Diego Linke
.
--
Diego Linke
Public Key: http://www.gamk.com.br/gamk.asc
?
This is not work!
The problem is that this command to erase the STATES, however the SOURCE
keeps.
Thanks
--
Diego Linke
Public Key: http://www.gamk.com.br/gamk.asc
8 matches
Mail list logo
