From owner-freebsd-pf@FreeBSD.ORG Mon Mar 10 13:50:48 2008 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 766F41065672 for ; Mon, 10 Mar 2008 13:50:48 +0000 (UTC) (envelope-from lorenzhelleis@yahoo.com.br) Received: from web53704.mail.re2.yahoo.com (web53704.mail.re2.yahoo.com [206.190.37.25]) by mx1.freebsd.org (Postfix) with SMTP id 4AC088FC3A for ; Mon, 10 Mar 2008 13:50:48 +0000 (UTC) (envelope-from lorenzhelleis@yahoo.com.br) Received: (qmail 89688 invoked by uid 60001); 10 Mar 2008 13:50:47 -0000 DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com.br; h=X-YMail-OSG:Received:X-Mailer:Date:From:Subject:To:Cc:MIME-Version:Content-Type:Message-ID; b=Ag0/hkvYJdQH/ldNmgG0ZEh+SX9gAPA1j8yRj+HmdH4pmjsFt/2pe2vCjhoWjwrSQQsl21383az4DYsXZZ3gaurl1Y+2lqXS0NJcrV7gUwneMpObZAgAe7TOW4vpn0WpEA2m2S8j1kypfKEcDUvA0DpHwNDrO4fCfkNqqRdLw/8=; X-YMail-OSG: m3I0m_4VM1lV5EAKgnHy2QmlteqqYluqQVMlZpibLq2TS.2lii7lks8.38TY0nbEvZpqtyVj7DOK2xEFVtTxZVsYCYVWvDNwiV68QIy9N2WTNkGvDm9pX81c3hR_Uw-- Received: from [200.189.112.13] by web53704.mail.re2.yahoo.com via HTTP; Mon, 10 Mar 2008 06:50:47 PDT X-Mailer: YahooMailRC/902.35 YahooMailWebService/0.7.162 Date: Mon, 10 Mar 2008 06:50:47 -0700 (PDT) From: Lorenz Helleis To: Chris Marlatt MIME-Version: 1.0 Message-ID: <418597.89158.qm@web53704.mail.re2.yahoo.com> Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-pf@freebsd.org Subject: Res: Dropped Packets X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 10 Mar 2008 13:50:48 -0000 Please correct me if I'm reading this incorrectly. But it sounds like =0Ayo= u're saying the firewalls worked fine until you implemented pfsync, is =0At= his correct?=0A=0AYou read incorrecly, evertything is OK with pfsync=0A=0A= If so try backing out of that to isolate that change and confirm this. =0AI= 've seen pfsync packets either by lost of "slow" in synchronizing with =0At= he other firewall and as a result state mismatching occurring on the =0Asec= ondary firewall (if both are active - i.e. arp balance). If you're =0Ausing= that try disabling it and see if there is an improvement.=0A=0AAlso, have = you made any modifications to sysctl.conf and loader.conf? If =0Aso please = post them here.=0A=0A=0Aeverthing was ok until we start tomake backups pass= ing through the firewall. The only thing that Ichange AFTER the problem wa= s:=0A=0AADD this line on sysctl.conf: =0A=0Anet.inet.ip.ifq.maxlen=3D1024= =0A=0Abut it didn't solve the problem.=0A=0A =0A=0ALorenz.=0A=0A=0A=0A = Abra sua conta no Yahoo! Mail, o =C3=BAnico sem limite de espa=C3=A7o para= armazenamento!=0Ahttp://br.mail.yahoo.com/