On 20 Jan 2017, at 22:12, Ermal Luçi wrote:
Most probably your timeouts are aggressive on states garbage
collection.
Give a look to those state limit teardown it might improve things.
Less than 30 seconds seems extremely quick to time out.
I also wouldn’t expect pf to set up NAT state in the middle of a TCP
connection.
It’s certainly worth a try to play with the timeouts though.
It might be interesting to see what they’re set to right now. `pfctl
-s all` should show them.
Regards,
Kristof
_______________________________________________
freebsd-net@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
