Found a reason to leave ipfwadm and 2.0.38 kernel

Author: J.L.Francois
Date:  
Subject: Found a reason to leave ipfwadm and 2.0.38 kernel
still using 2.0.X kernels and related tools.

I am 80% completed on migrating the remainder of my
internal LAN to Debian on SPARC and keeping one i386
box for other uses.

I set up wget to pull in some files from ftp.us.debian.org
and ftp.openbsd.org so I could make some CDROMs for myself
and to sell and/or give away at the next PLUG meeting.

In the process I found that the code in ipfwadm for IP-MASQ
cannot handle the connections I needed for pulling in site data.
The wget download would cause kernel panics in the "swapper"
or the system would lock up with no errors in any logs.

I was able to verify the problem easily by starting up wget.
6 continuous hours of kernel builds and memory tests were
done to make sure it wasn't something else.

The MagusNet Public Proxy peaked at 100RPM after I stopped
wget and the load went up as high as 15.00 with no errors
or failures.

I hadn't bothered to update the kernel on my firewall
from 2.0.38 since the majority of the connections I
handle both incoming and outgoing are handled via proxy
not IP-MASQ and I don't upgrade unless there is a
pressing need for it.

So, if you plan to have a high volume TCP/UDP gateway
with lots of transient IP address traffic, I would
suggest going straight to 2.2.16 and using ipfilter
if you plan on using NAT/IP-MASQ.
Although this is the PLUG list, any BSD is also an option.

I corrected the problem by using the environment variables:
http_proxy
ftp_proxy
with wget and using my internal proxy to get the data.

Jean Francois Sends...
President & CEO - MagusNet, Inc., MagusNet.com, MagusNet.Gilbert.AZ.US
Director Of Managed Services - OpNIX,Inc., www.opnix.com
OpNIX - Simply Better Bandwidth
602-770-JLF1 - Cellular, ICQ: 8137851