Lost packets - strange problem

Hi!

I'm having a very strange problem. I have already tested a *lot* of
things before asking, and I still have no clue of what's happening.

I have 6 Linux boxes acting as firewalls/routers. They are using
similar configurations and netfilter rules since 4 years ago, when I
installed the first of these. Some of them route more than 10 Mbps
between interfaces, 50000+ connections tracked with netfilter, traffic
shaping, NAT, and stuff, and they don't even blink.

BUT, two of them started giving headaches, they don't have the
highest usage, but they lose packets (in any interface) up to 80%,
sometimes softirqd eats all the cpu, and you cannot even connect to
the boxes. This does not happen from the very first day, and not all
the time!

I tried rewriting the rules, turning off traffic shaping, changing
NICs, then changing ALL the hardware (they have some very nice and
fast hardware now). I even migrated from Debian woody with 2.4.x
kernels to Debian sarge with 2.6.8 kernels and the problem is still
the same. I don't really know what to do.

I suspect that this could be triggered by some internet DoS attack,
but I didn't find anything special (I have already solved the
recursion problem with DNS servers). The 6 servers receive loads of
dumb attacks all the time.

Any help would be greatly appreciated!

PS: please, CC me, I'm not subscribed.

--
Martín Ferrari