Charles Amstutz([email protected]) on 2019.01.30 23:16:17 +0000: > Hello > > We are running into an issue with a lot of dropped packets where states are > failing to be created. We have noticed that it coincides with a fair amount > of congestion, around 10-15/s according to 'pfctl -si'. > > We finally tried disabling our Carp Interfaces (we are using carp for > failover) and the problem seems to completely go away. We have 53 carp > interfaces on these two boxes and are just looking for some input on what > might be causing an issue like this, where having carp interfaces enabled is > causing such high congestion. > > We are running OpenBSD 6.4. > > Thanks,
Set sysctl net.inet.carp.log=7 (and activate carp again). What does it show (in /var/log/messages)? Also, whats the output of sysctl net.inet.ip.ifq.drops sysctl net.inet6.ip6.ifq.drops netstat -m pfctl -vsi ?
