Re: dtrace to trace incoming connection not suceeding ?

Reply: tuexen_a_freebsd.org: "Re: dtrace to trace incoming connection not suceeding ?"
In reply to: tuexen_a_freebsd.org: "Re: dtrace to trace incoming connection not suceeding ?"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Kurt Jaeger <pi_at_freebsd.org>
Date: Fri, 12 Nov 2021 15:29:18 UTC

Hi!

> >>> The basic ipfw firewall is active, but
> >> Does it work, if you disable ipfw?

> > No, unfortunatly not.

> OK. Can you provide the output of
> netstat -sptcp
> after some packets were dropped.

https://people.freebsd.org/~pi/logs/netstat-t1.txt
https://people.freebsd.org/~pi/logs/netstat-t2.txt

4 connection attempts in that time.

On the same 10g ix0 interface we have three VLANs:
- one (vlan551) of them uses tcp-md5 for another bgp session
- one (vlan500) does not use tcp-md5, and has the problem
- one (vlan724) does not use tcp-md5 for bgp, and works fine

-- 
pi@FreeBSD.org         +49 171 3101372                  Now what ?