On 12/19/10 4:16 AM, Henning Brauer wrote:
* Ryan McBride<mcbr...@openbsd.org> [2010-12-03 09:52]:
On Thu, Dec 02, 2010 at 11:22:08PM -0500, Godesi wrote:
2. How much states can i "really" have on a box that has 4 gig ram?
More than 100,000. I havn't tested lately (planning to do so soo), but I
would expect somewhere closer to 500,000.
you're way off ;)
I had 2 million during a DDoS. things got a bit slow but everything
worked.
Hmm..thanks guys. I am stumped as even with 100K states set in pf, the
box was dying. Dying meaning I couldn't ssh (intermittent) , carp was
failing etc, relayd (intermittent failure on the checks etc).
Using pftop I saw that there was only slight increase in states (around
15-20K - total). As I tried bunch of things which didn't work. When
the traffic was around 8-10K (total) states then the box was responding
perfectly well. I am on 4.7 for amd64. This has now happened around 4
times and I am totally clueless now as to what should my next
troubleshooting step be like. Wondering if there is some issue with 4.7
amd64.
