Date: Tue, 14 Sep 2010 12:36:57 +0200 From: Gareth de Vaux <bsd@lordcow.org> To: stable@freebsd.org Subject: Re: ipfw: Too many dynamic rules Message-ID: <20100914103657.GA57521@lordcow.org> In-Reply-To: <20100910114908.GA55978@lordcow.org> References: <20100909153902.GA28341@lordcow.org> <20100909162009.GA80375@icarus.home.lan> <20100910114908.GA55978@lordcow.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri 2010-09-10 (13:49), Gareth de Vaux wrote: > > Thirdly, if you feel FIN_WAIT2 is the cause of your problem, then you > > should consider adjusting the following sysctl: > > > > net.inet.tcp.finwait2_timeout > > > > Try something like 15000 (15 seconds) instead of the default (60000). > > Ok that seems to be doing something. Will report back later. Nope it's not helping. That and/or dropping net.inet.ip.fw.dyn_ack_lifetime.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20100914103657.GA57521>