"pfctl -x loud" when the SHTF
pfctl -s and netstat -s
Net-SNMP + MRTG on your interfaces?
Any errors on "netstat -i" ?
~BAS
On Tue, 5 Jun 2007, Open Phugu wrote:
On 6/5/07, Karl Kopp <[EMAIL PROTECTED]> wrote:
Hi All,
I have a strange issue. We are using a OpenBSD 3.9 box running on an
AMD64 CPU. Its doing BGP with our upstream provider and has some basic
pf rules.
Occasionally, the network slows to a crawl. I setup some external
monitoring, and while a few simple HTTP checks of boxes on our network
normally take a second or 2 (from 2 separate locations outside our
network), this just went up to over 100 seconds and was only resolved
by restarting the box.
I'm learning this stuff, so am super keen if a) this is normal
behavior (I'm guessing not) and b) how can I work out what is causing
the problems? I've checked messages, and there is nothing strange in
there (just some ftp-proxy 'client reset connection' and 'server
refused connection' messages) and daemon (a few BGP updates not many).
On restart, I get a flood of BGP updates.
Where should I be looking? Should I just restart bgpd next time or
does this seem like something else?? Any advice would be greatly
appreciated!
Post your dmesg, the contents of /etc/pf.conf and your BGP configuration
file. Doing so will not solve your issue but it will give other members of
the list more information about your setup.
l8*
-lava (Brian A. Seklecki - Pittsburgh, PA, USA)
http://www.spiritual-machines.org/
"Guilty? Yeah. But he knows it. I mean, you're guilty.
You just don't know it. So who's really in jail?"
~James Maynard Keenan
