Eugene Grosbein wrote:
On Tue, Oct 06, 2009 at 02:21:38PM +0500, rihad wrote:
Is there some limit on the number of IP addresses in an ipfw table?
No, generally handles much more. Please show your ipfw rule(s)
containing 'tablearg'.
01031 x x allow ip from any to any
01040 x x skipto 1100 ip from table(127) to any out
recv bce0 xmit bce1
01060 x x pipe tablearg ip from any to table(0) out
recv bce0 xmit bce1
01070 x x allow ip from any to table(0) out recv bce0
xmit bce1
01100 x x pipe tablearg ip from any to table(2) out
65535 x x allow ip from any to any
table(127) contains country-wide ISPs' netblocks (under 100 entries).
table(0) and table(2) contain same user IP addresses, but different pipe
IDs - normally around 3-4k entries each.
Now please pay special attention to rule 1031. I've added it to bypass
dummynet and stop packets from being dropped for now. Normally the rule
isn't there.
As I found out today after rebooting, drops only start occurring when
the number of entries in table(0) exceeds 2000 or so (please see my
previous email). Maybe it's a coincidence - I don't know. Global traffic
load doesn't matter - it was approximately the same before and after the
drops (around 450 mbit/s).
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
