On 20 Jan 2017, at 21:31, Bakul Shah wrote:
$ pfctl -s info
Status: Enabled for 167 days 13:40:11 Debug: Urgent
State Table Total Rate
current entries 0
searches 2870986757 198.3/s # this
seems high...
inserts 3428240 0.2/s
removals 3428240 0.2/s
Counters
match 1482741914 102.4/s
bad-offset 0 0.0/s
fragment 1 0.0/s
short 0 0.0/s
normalize 0 0.0/s
memory 0 0.0/s
bad-timestamp 0 0.0/s
congestion 0 0.0/s
ip-option 31 0.0/s
proto-cksum 0 0.0/s
state-mismatch 28931 0.0/s
You gave a decent number of state-mismatch errors here.
It’s worth checking if that number increments whenever you see a
dropped NAT connection.
Regards,
Kristof
_______________________________________________
freebsd-net@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
