after a while the jitter ( 160 ) increases. reboot helps. FreeBSD 12.1-STABLE r362880 GENERIC amd64
does not work correctly. Inhibits. Sites are not displayed correctly.
# ipf -T list | grep nat_table nat_table_size min 1 max 2147483647 current 2047 nat_table_max min 1 max 2147483647 current 30000 nat_table_wm_low min 1 max 99 current 90 nat_table_wm_high min 2 max 100 current 99 # ipf -T list | grep tcp_timeout tcp_timeout min 1 max 2147483647 current 480 tcp_timeout min 1 max 2147483647 current 480 # ipf -T list | grep tcp_close_wait tcp_close_wait min 1 max 2147483647 current 480 tcp_close_wait min 1 max 2147483647 current 480 # ipf -T list | grep tcp_idle_timeout tcp_idle_timeout min 1 max 2147483647 current 864000 tcp_idle_timeout min 1 max 2147483647 current 864000
# ipnat -s 0 proxy create fail in 0 proxy fail in 74791 bad nat in 74793 bad nat new in 0 bad next addr in 1207795 bucket max in 0 clone nomem in 0 decap bad in 0 decap fail in 0 decap pullup in 0 divert dup in 0 divert exist in 74791 drop in 0 exhausted in 0 icmp address in 0 icmp basic in 198100 inuse in 0 icmp mbuf wrong size in 224085 icmp header unmatched in 0 icmp rebuild failures in 0 icmp short in 0 icmp packet size wrong in 0 IFP address fetch failures in 100436428 packets untranslated in 0 NAT insert failures in 4685309 NAT lookup misses in 99451835 NAT lookup nowild in 0 new ifpaddr failed in 0 memory requests failed in 0 table max reached in 101083098 packets translated in 74224 finalised failed in 0 search wraps in 0 null translations in 569 translation exists in 0 no memory in 8% hash efficiency in 99.22% bucket usage in 0 minimal length in 22 maximal length in 12.115 average length in 0 proxy create fail out 0 proxy fail out 593230 bad nat out 1283213 bad nat new out 0 bad next addr out 148812 bucket max out 0 clone nomem out 0 decap bad out 0 decap fail out 0 decap pullup out 0 divert dup out 0 divert exist out 593230 drop out 830 exhausted out 0 icmp address out 0 icmp basic out 199870 inuse out 0 icmp mbuf wrong size out 130769 icmp header unmatched out 0 icmp rebuild failures out 0 icmp short out 0 icmp packet size wrong out 0 IFP address fetch failures out 129287437 packets untranslated out 0 NAT insert failures out 4541553 NAT lookup misses out 130592534 NAT lookup nowild out 0 new ifpaddr failed out 0 memory requests failed out 0 table max reached out 73443710 packets translated out 1282383 finalised failed out 0 search wraps out 0 null translations out 0 translation exists out 0 no memory out 8% hash efficiency out 98.83% bucket usage out 0 minimal length out 22 maximal length out 11.957 average length out 0 log successes 0 log failures 108217 added in 1828100 added out 4783 active 0 transparent adds 0 divert build 1899631 expired 0 flush all 0 flush closing 0 flush queue 0 flush state 0 flush timeout 1307682 hostmap new 0 hostmap fails 1811210 hostmap add 0 hostmap NULL rule 0 log ok 0 log fail 0 orphan count 82 rule count 8 map rules 74 rdr rules 0 wilds
2 how to increase the parameter? nat_table_max min 1 max 2147483647 current 30000
sysctl net.inet.ipf.ipf_nattable_sz=32765 net.inet.ipf.ipf_nattable_sz: 2047 sysctl: net.inet.ipf.ipf_nattable_sz=32765: Device busy