Strange numbers for pfsync

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

Strange numbers for pfsync

Carlos Lopez
Hi all,

 After upgrade my two OpenBSD carp’ed fws to 6.7, I am seeing a lot of “failed state lookup/inserts” statistics.

 On firewall A:

pfsync:
        5487 packets received (IPv4)
        0 packets received (IPv6)
                0 packets discarded for bad interface
                0 packets discarded for bad ttl
                0 packets shorter than header
                0 packets discarded for bad version
                0 packets discarded for bad HMAC
                0 packets discarded for bad action
                0 packets discarded for short packet
                0 states discarded for bad values
                2 stale states
                2879 failed state lookup/inserts
        9539 packets sent (IPv4)
        0 packets sent (IPv6)
                0 send failed due to mbuf memory error
                4 send error

 On firewall B:

pfsync:
        9466 packets received (IPv4)
        0 packets received (IPv6)
                0 packets discarded for bad interface
                0 packets discarded for bad ttl
                0 packets shorter than header
                0 packets discarded for bad version
                0 packets discarded for bad HMAC
                0 packets discarded for bad action
                0 packets discarded for short packet
                0 states discarded for bad values
                0 stale states
                2879 failed state lookup/inserts
        5485 packets sent (IPv4)
        0 packets sent (IPv6)
                0 send failed due to mbuf memory error
                2 send error

 How can I debug this? In principle, the firewalls are working well and I haven't noticed any problems with packet loss or any related problem.

Regards,
C. L. Martinez