On 1/5/2003 1:05 PM, Josh Brooks wrote:
What processor and NICs do you use? This sounds like your machine is being pushed into livelock, which shouldn't happen at the traffic load you described (when you say "megs", do you mean Mb/s or MB/s?) Complicated firewall rule sets also eat CPU time.I am running this as my firewall/router:4.4-RELEASE FreeBSD 4.4-RELEASE #0 And I have no ability to change that anytime soon. Recently I have been having a lot of trouble with floods/ddos/etc. When these attacks occur, my firewall is totally unresponsive, I cannot ssh in to type a single command (and thus cannot tcpdump anything) and clients of systems on the inside either get no response, or get:
Lars
--
Lars Eggert <[EMAIL PROTECTED]> USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
