Contents of Users-l digest...

Ladislav Kohout omicron.czech at gmail.com
Mon Mar 4 12:44:15 CET 2013


rgrenar na seznam.cz wrote:

> 1) in var/log/messages : named[69750]: client *ip removed*#37095: error
> sending response: not enough free resources
> 2) network cards(intel), cables, switch(cisco) changed without positive
> result
> 3) system is FreeBSD 9.0, ipfw,gateway,natd,inetd enabled
> 4) DNS is only forwarded
> 5) i found this problem in lots of discussion from bsd ver. 4.0 but with
> no solutions
>

Ahoj,

  zalezi na tom pro jaky ucel je konfigurovany ten zmineny ipfw.

Resil jsem na jednom stroji s 8.2, kde ipfw s altq resi QoS, zaroven je i
primarni dns.

V ipfw mam pravidla ktere predavaji rizeni do pf resp altq.
Prisel jsem na to ze pokud se fronta jednoho uzivatele preplni (proste
uzivatel moc taha) tak se dns pakety z jeho adres zpozdi a zacne se
objevovat hlaska not enough free resources

Vyresil jsem to tak ze jsem v pravidlech zvysil pocty paketu, ktere se maji
ve fronte drzet - qlimit:

hlavni queue na if:
altq on em0 hfsc bandwidth 20Mb qlimit 40000

uzivatelska queue:
queue 16_i bandwidth 128Kb qlimit 200 priority 4 hfsc

system:
FreeBSD 8.2-RELEASE-p2


Doporucuji take prekontrolovat nastaveni systemovych promenych tykajicich
se firewallu.
Hlavne jestli je zapnuty fastforwarding a velikosti bufferu:

net.inet.ip.fastforwarding
net.inet.udp.recvspace
net.inet.udp.maxdgram
net.local.stream.recvspace
net.local.stream.sendspace
net.inet.tcp.delayed_ack
net.inet.tcp.sendspace
net.inet.tcp.recvspace
net.inet.tcp.sendbuf_max
net.inet.tcp.recvbuf_max

Snad te to nakopne spravnym smerem.

-- 
Ladislav Kohout, DiS.


More information about the Users-l mailing list