Charles Amstutz(charlesa@binary.net) on 2019.01.30 23:16:17 +0000:
> Hello
>
> We are running into an issue with a lot of dropped packets where states are failing to be created. We have noticed that it coincides with a fair amount of congestion, around 10-15/s according to 'pfctl -si'.
>
> We finally tried disabling our Carp Interfaces (we are using carp for failover) and the problem seems to completely go away. We have 53 carp interfaces on these two boxes and are just looking for some input on what might be causing an issue like this, where having carp interfaces enabled is causing such high congestion.
>
> We are running OpenBSD 6.4.
>
> Thanks,
Set sysctl net.inet.carp.log=7 (and activate carp again).
What does it show (in /var/log/messages)?
Also, whats the output of
sysctl net.inet.ip.ifq.drops
sysctl net.inet6.ip6.ifq.drops
netstat -m
pfctl -vsi
?
No comments:
Post a Comment