DragonFly kernel List (threaded) for 2008-04
Re: FairQ ALTQ for PF - Patch #2
On Monday 07 April 2008 00:36:29 Matthew Dillon wrote:
> :Matthew Dillon wrote:
> :> This has been running well on my router and doesn't really
> :> effect other ALTQ disciplines so I am going to go ahead and commit
> :> it to clear room to port the probability keyword that Cedric
> :> mentioned, before I get back to finishing up HAMMER.
> :> -Matt
> :For some reason, since a week ago, your servers have been unreachable
> : to Linux clients. The problem can be temporarily bypassed by setting
> : the Linux sysctl net.ipv4.tcp_window_scaling to 0
> :Robert Luciani
> It's got to be something PF (packet filter) is doing. I was using
> a Cisco with the T1. I'm using a DFly box running PF with the DSL
> line. I'm trying to track it down.
This is usually a symptom of creating state on a TCP packet other than the
initial SYN. Make sure you add "flags S/SA" to all your tcp keep state
rules. There is plenty on this in the FAQs and lists (freebsd-pf@ and
the OpenBSD pf list) for more detailed reference.
/"\ Best regards, | email@example.com
\ / Max Laier | ICQ #67774661
X http://pf4freebsd.love2party.net/ | mlaier@EFnet
/ \ ASCII Ribbon Campaign | Against HTML Mail and News