Схема с интернетом чуть служнее:
Кабель от провайдера заходит в микротик и всё прилетающее от провайдера засовывается в VLAN15.
VLAN2 с того же роутера - локалка для раздачи её по wifi. Эти два влана идут транком в fxp. Бридж для локалки целиком - обе re и vlan2 на fxp0.
По сервисам - ещё промежуточная tor нода непубличная, трафика минимум, нужна как соск прокся для обхода блокировок РКНа.
Stable и Release - да, местами перепутал. Был Release, обновился до Stable
Сейчас вот проглючило опять
Код:
# netstat -m
584/9796/10380 mbufs in use (current/cache/total)
579/697/1276/32768 mbuf clusters in use (current/cache/total/max)
579/686 mbuf+clusters out of packet secondary zone in use (current/cache)
0/40/40/189165 4k (page size) jumbo clusters in use (current/cache/total/max)
0/0/0/56049 9k jumbo clusters in use (current/cache/total/max)
0/0/0/31527 16k jumbo clusters in use (current/cache/total/max)
1304K/4003K/5307K bytes allocated to network (current/cache/total)
0/0/0 requests for mbufs denied (mbufs/clusters/mbuf+clusters)
0/0/0 requests for mbufs delayed (mbufs/clusters/mbuf+clusters)
0/0/0 requests for jumbo clusters delayed (4k/9k/16k)
0/0/0 requests for jumbo clusters denied (4k/9k/16k)
25 sendfile syscalls
22 sendfile syscalls completed without I/O request
3 requests for I/O initiated by sendfile
3 pages read by sendfile as part of a request
22 pages were valid at time of a sendfile request
0 pages were valid and substituted to bogus page
0 pages were requested for read ahead by applications
0 pages were read ahead by sendfile
0 times sendfile encountered an already busy page
0 requests for sfbufs denied
0 requests for sfbufs delayed
Блин, вместо vmstat два раза вставил от netstat, роутер уже перезагрузил. Как ещё глюканёт - выложу.
После перезагрузки и минут 10. Покрутил 10 минут фильм с хорошим битрейтом, потом снял. Пока жалоб в сислоге и видимых проблем нет:
Код:
# netstat -m
584/1951/2535 mbufs in use (current/cache/total)
580/690/1270/32768 mbuf clusters in use (current/cache/total/max)
580/685 mbuf+clusters out of packet secondary zone in use (current/cache)
0/173/173/189165 4k (page size) jumbo clusters in use (current/cache/total/max)
0/0/0/56049 9k jumbo clusters in use (current/cache/total/max)
0/0/0/31527 16k jumbo clusters in use (current/cache/total/max)
1306K/2559K/3865K bytes allocated to network (current/cache/total)
0/0/0 requests for mbufs denied (mbufs/clusters/mbuf+clusters)
0/0/0 requests for mbufs delayed (mbufs/clusters/mbuf+clusters)
0/0/0 requests for jumbo clusters delayed (4k/9k/16k)
0/0/0 requests for jumbo clusters denied (4k/9k/16k)
0 sendfile syscalls
0 sendfile syscalls completed without I/O request
0 requests for I/O initiated by sendfile
0 pages read by sendfile as part of a request
0 pages were valid at time of a sendfile request
0 pages were valid and substituted to bogus page
0 pages were requested for read ahead by applications
0 pages were read ahead by sendfile
0 times sendfile encountered an already busy page
0 requests for sfbufs denied
0 requests for sfbufs delayed
Код:
# vmstat -z
ITEM SIZE LIMIT USED FREE REQ FAIL SLEEP
UMA Kegs: 224, 0, 131, 5, 131, 0, 0
UMA Zones: 680, 0, 133, 2, 133, 0, 0
UMA Slabs: 80, 0, 1957, 43, 2170, 0, 0
UMA Hash: 256, 0, 9, 6, 14, 0, 0
4 Bucket: 32, 0, 24, 851, 2684, 0, 0
6 Bucket: 48, 0, 7, 823, 605, 0, 0
8 Bucket: 64, 0, 17, 789, 18256, 21, 0
12 Bucket: 96, 0, 23, 387, 17694, 0, 0
16 Bucket: 128, 0, 95, 432, 19736, 1, 0
32 Bucket: 256, 0, 42, 153, 7362, 7, 0
64 Bucket: 512, 0, 124, 92, 4102, 275, 0
128 Bucket: 1024, 0, 83, 153, 7634, 1, 0
256 Bucket: 2048, 0, 166, 16, 20258, 21, 0
vmem: 1792, 0, 3, 1, 3, 0, 0
vmem btag: 56, 0, 14306, 533, 14733, 105, 0
VM OBJECT: 256, 0, 24965, 295, 51573, 0, 0
RADIX NODE: 144, 0, 71018, 73, 123418, 0, 0
MAP: 240, 0, 3, 61, 3, 0, 0
KMAP ENTRY: 120, 0, 23, 241, 23, 0, 0
MAP ENTRY: 120, 0, 113272, 21005, 482616, 0, 0
VMSPACE: 2560, 0, 47, 7, 1535, 0, 0
fakepg: 104, 0, 0, 0, 0, 0, 0
64 pcpu: 8, 0, 3250, 334, 3250, 0, 0
mt_stats_zone: 64, 0, 443, 325, 443, 0, 0
mt_zone: 24, 0, 443, 392, 443, 0, 0
16: 16, 0, 2035, 475, 73042, 0, 0
32: 32, 0, 2327, 798, 36478, 0, 0
64: 64, 0, 13267, 3907, 298313, 0, 0
128: 128, 0, 7817, 4087, 191618, 0, 0
256: 256, 0, 22154, 2986, 37321, 0, 0
512: 512, 0, 484, 300, 4190, 0, 0
1024: 1024, 0, 94, 106, 2966, 0, 0
2048: 2048, 0, 95, 45, 67442, 0, 0
4096: 4096, 0, 511, 4, 5537, 0, 0
8192: 8192, 0, 56, 0, 468, 0, 0
16384: 16384, 0, 20, 8, 621, 0, 0
32768: 32768, 0, 10, 4, 372, 0, 0
65536: 65536, 0, 15, 2, 745, 0, 0
SLEEPQUEUE: 80, 0, 307, 220, 307, 0, 0
Files: 80, 0, 300, 200, 43240, 0, 0
filedesc0: 1104, 0, 72, 18, 1559, 0, 0
rangeset pctrie nodes: 144, 0, 0, 0, 0, 0, 0
TURNSTILE: 136, 0, 307, 73, 307, 0, 0
rl_entry: 40, 0, 177, 423, 177, 0, 0
umtx pi: 96, 0, 0, 0, 0, 0, 0
umtx_shm: 88, 0, 21082, 203, 21086, 0, 0
MAC labels: 40, 0, 0, 0, 0, 0, 0
PROC: 1328, 0, 71, 19, 1558, 0, 0
THREAD: 1400, 0, 197, 109, 533, 0, 0
cpuset: 104, 0, 7, 272, 7, 0, 0
domainset: 40, 0, 0, 0, 0, 0, 0
audit_record: 1280, 0, 0, 0, 0, 0, 0
mbuf_packet: 256, 2421330, 580, 685, 421959, 0, 0
mbuf: 256, 2421330, 7, 1263, 6549717, 0, 0
mbuf_cluster: 2048, 32768, 1265, 5, 1269, 0, 0
mbuf_jumbo_page: 4096, 189165, 0, 173, 833167, 0, 0
mbuf_jumbo_9k: 9216, 56049, 0, 0, 0, 0, 0
mbuf_jumbo_16k: 16384, 31527, 0, 0, 0, 0, 0
epoch_record pcpu: 256, 0, 4, 60, 4, 0, 0
ttyinq: 160, 0, 180, 20, 315, 0, 0
ttyoutq: 256, 0, 95, 100, 167, 0, 0
DMAR_MAP_ENTRY: 120, 0, 0, 0, 0, 0, 0
FPU_save_area: 512, 0, 0, 0, 0, 0, 0
g_bio: 376, 0, 0, 1290, 222924, 0, 0
nvme_request: 128, 0, 0, 0, 0, 0, 0
cryptop: 128, 0, 0, 279, 299, 0, 0
cryptodesc: 120, 0, 0, 264, 598, 0, 0
crypto_session: 24, 0, 4, 330, 4, 0, 0
vtnet_tx_hdr: 24, 0, 0, 0, 0, 0, 0
VNODE: 480, 0, 2153, 55, 2392, 0, 0
VNODEPOLL: 120, 0, 0, 0, 0, 0, 0
BUF TRIE: 144, 0, 1571, 38119, 11404, 0, 0
NAMEI: 1024, 0, 0, 40, 36353, 0, 0
rentr: 24, 0, 0, 0, 0, 0, 0
S VFS Cache: 108, 0, 1775, 115, 4510, 0, 0
STS VFS Cache: 148, 0, 0, 0, 0, 0, 0
L VFS Cache: 328, 0, 278, 46, 292, 0, 0
LTS VFS Cache: 368, 0, 0, 0, 0, 0, 0
NCLNODE: 592, 0, 0, 0, 0, 0, 0
DIRHASH: 1024, 0, 134, 10, 134, 0, 0
procdesc: 136, 0, 0, 0, 0, 0, 0
AIO: 208, 0, 0, 0, 0, 0, 0
AIOP: 32, 0, 0, 0, 0, 0, 0
AIOCB: 752, 0, 0, 0, 0, 0, 0
AIOLIO: 280, 0, 0, 0, 0, 0, 0
pipe: 760, 0, 18, 22, 707, 0, 0
Mountpoints: 2744, 0, 8, 4, 8, 0, 0
ksiginfo: 112, 0, 71, 979, 1678, 0, 0
itimer: 352, 0, 0, 0, 0, 0, 0
KNOTE: 160, 0, 58, 192, 99798, 0, 0
socket: 872, 195112, 135, 113, 7575, 0, 0
unpcb: 256, 195120, 39, 96, 3622, 0, 0
IPsec SA lft_c: 16, 0, 4, 508, 4, 0, 0
ipq: 56, 1065, 0, 0, 0, 0, 0
udp_inpcb: 488, 195112, 39, 81, 1448, 0, 0
udpcb: 32, 195125, 39, 586, 1448, 0, 0
tcp_inpcb: 488, 195112, 39, 137, 2436, 0, 0
tcpcb: 976, 195112, 37, 119, 2436, 0, 0
tcptw: 88, 27810, 2, 268, 104, 0, 0
syncache: 168, 15364, 0, 184, 545, 0, 0
hostcache: 96, 15375, 190, 220, 190, 0, 0
sackhole: 32, 0, 0, 0, 0, 0, 0
tfo: 4, 0, 0, 0, 0, 0, 0
tfo_ccache_entries: 80, 0, 0, 0, 0, 0, 0
tcpreass: 48, 2075, 0, 332, 3, 0, 0
tcp_log: 400, 1000000, 0, 0, 0, 0, 0
tcp_log_bucket: 144, 0, 0, 0, 0, 0, 0
tcp_log_node: 120, 0, 0, 0, 0, 0, 0
sctp_ep: 1280, 195114, 0, 0, 0, 0, 0
sctp_asoc: 2408, 40000, 0, 0, 0, 0, 0
sctp_laddr: 48, 80012, 0, 332, 8, 0, 0
sctp_raddr: 736, 80000, 0, 0, 0, 0, 0
sctp_chunk: 152, 400010, 0, 0, 0, 0, 0
sctp_readq: 152, 400010, 0, 0, 0, 0, 0
sctp_stream_msg_out: 112, 400015, 0, 0, 0, 0, 0
sctp_asconf: 40, 400000, 0, 0, 0, 0, 0
sctp_asconf_ack: 48, 400060, 0, 0, 0, 0, 0
udplite_inpcb: 488, 195112, 0, 0, 0, 0, 0
ripcb: 488, 195112, 3, 61, 15, 0, 0
rtentry: 208, 0, 23, 110, 25, 0, 0
selfd: 64, 0, 155, 651, 486720, 0, 0
swpctrie: 144, 756675, 0, 0, 0, 0, 0
swblk: 136, 756668, 0, 0, 0, 0, 0
FFS inode: 160, 0, 2104, 96, 2341, 0, 0
FFS1 dinode: 128, 0, 0, 0, 0, 0, 0
FFS2 dinode: 256, 0, 2104, 41, 2341, 0, 0
NetGraph items: 72, 65565, 1, 402, 1402, 0, 0
NetGraph data items: 72, 65565, 0, 527, 2815948, 0, 0
IPFW counters: 16, 0, 10, 246, 10, 0, 0
IPFW dynamic states data: 88, 16425, 0, 0, 0, 0, 0
IPFW parent dynamic states: 32, 4125, 0, 0, 0, 0, 0
IPFW IPv4 dynamic states: 40, 0, 0, 0, 0, 0, 0
IPFW IPv6 dynamic states: 72, 0, 0, 0, 0, 0, 0
Код:
vmstat -i
interrupt total rate
irq1: atkbd0 2 0
irq16: uhci0+ 7208 9
irq23: fxp0 uhci2+ 20383 24
cpu0:timer 181323 217
cpu1:timer 128015 153
irq258: re0 14861 18
irq260: re1 496079 594
irq261: ahci0:ch0 7210 9
irq266: ahci0:ch5 53099 64
Total 908180 1087
ifconfig -a
Код:
re0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=8209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC,LINKSTATE>
ether 00:e0:f4:1e:28:39
inet 192.168.99.254 netmask 0xffffff00 broadcast 192.168.99.255
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
re1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=8209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC,LINKSTATE>
ether 00:e0:f4:1e:28:3a
media: Ethernet autoselect (1000baseT <full-duplex>)
status: active
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
fxp0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=2008<VLAN_MTU,WOL_MAGIC>
ether 00:90:27:0d:aa:53
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4
inet 127.0.0.1 netmask 0xff000000
groups: lo
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
lo1: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
inet 172.31.1.1 netmask 0xffffffff
groups: lo
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
vlan2: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
ether 00:90:27:0d:aa:53
groups: vlan
vlan: 2 vlanpcp: 0 parent interface: fxp0
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
vlan15: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
ether 00:90:27:0d:aa:53
groups: vlan
vlan: 15 vlanpcp: 0 parent interface: fxp0
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
gre0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1476
options=80000<LINKSTATE>
tunnel inet 95.183.AA.BB --> 93.171.CC.EE
inet 10.0.255.34 --> 10.0.255.33 netmask 0xff000000
groups: gre
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
gif0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1280
options=80000<LINKSTATE>
tunnel inet 95.183.AA.BB --> 80.211.FF.GG
inet 192.168.199.254 --> 192.168.199.253 netmask 0xfffffffc
groups: gif
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
ng0: flags=88d1<UP,POINTOPOINT,RUNNING,NOARP,SIMPLEX,MULTICAST> metric 0 mtu 1492
inet 95.183.AA.BB --> 92.62.DD.EE netmask 0xffffffff
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
ng1: flags=88d1<UP,POINTOPOINT,RUNNING,NOARP,SIMPLEX,MULTICAST> metric 0 mtu 1400
inet 192.168.199.1 --> 192.168.199.4 netmask 0xffffffff
inet6 fe80::2e0:f4ff:fe1e:2839%ng1 prefixlen 64 scopeid 0xb
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
ng2: flags=88d1<UP,POINTOPOINT,RUNNING,NOARP,SIMPLEX,MULTICAST> metric 0 mtu 1400
inet 192.168.199.1 --> 192.168.199.16 netmask 0xffffffff
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
ng0 интернет
В gif и gre трафика мизер, для ssh и вебинтерфейса всякой сетевого железа.
dmesg
Код:
fxp0: <Intel 82558 Pro/100 Ethernet> port 0xbc00-0xbc1f mem 0xbfeff000-0xbfefffff,0xff600000-0xff6fffff irq 23 at device 4.0 on pci3
miibus2: <MII bus> on fxp0
inphy0: <i82555 10/100 media interface> PHY 1 on miibus2
inphy0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto, auto-flow
re0
Код:
re0: <RealTek 8168/8111 B/C/CP/D/DP/E/F/G PCIe Gigabit Ethernet> port 0x9800-0x98ff mem 0xff1ff000-0xff1fffff irq 16 at device 0.0 on pci1
re0: Using 1 MSI message
re0: Chip rev. 0x38000000
re0: MAC rev. 0x00500000
miibus0: <MII bus> on re0
rgephy0: <RTL8169S/8110S/8211 1000BASE-T media interface> PHY 1 on miibus0
rgephy0: none, 10baseT, 10baseT-FDX, 10baseT-FDX-flow, 100baseTX, 100baseTX-FDX, 100baseTX-FDX-flow, 1000baseT, 1000baseT-master, 1000baseT-FDX, 1000baseT-FDX-master, 1000baseT-FDX-flow, 1000baseT-FDX-flow-master, auto, auto-flow
re0: Using defaults for TSO: 65518/35/2048
re0: Ethernet address: 00:e0:f4:1e:28:39
re0: netmap queues/slots: TX 1/256, RX 1/256
re1
Код:
re1: <RealTek 8168/8111 B/C/CP/D/DP/E/F/G PCIe Gigabit Ethernet> port 0xa800-0xa8ff mem 0xff2ff000-0xff2fffff irq 17 at device 0.0 on pci2
re1: Using 1 MSI message
re1: Chip rev. 0x38000000
re1: MAC rev. 0x00500000
miibus1: <MII bus> on re1
rgephy1: <RTL8169S/8110S/8211 1000BASE-T media interface> PHY 1 on miibus1
rgephy1: none, 10baseT, 10baseT-FDX, 10baseT-FDX-flow, 100baseTX, 100baseTX-FDX, 100baseTX-FDX-flow, 1000baseT, 1000baseT-master, 1000baseT-FDX, 1000baseT-FDX-master, 1000baseT-FDX-flow, 1000baseT-FDX-flow-master, auto, auto-flow
re1: Using defaults for TSO: 65518/35/2048
re1: Ethernet address: 00:e0:f4:1e:28:3a
re1: netmap queues/slots: TX 1/256, RX 1/256
loader.conf
Код:
# cat /boot/loader.conf
geom_mirror_load="YES"
#Squid diskd
kern.ipc.msgmnb=8192
kern.ipc.msgssz=64
kern.ipc.msgtql=2048
#Squid end
kern.ipc.nmbclusters=32768
net.link.gif.max_nesting=3
#kern.ipc.somaxconn=1024
#kern.ipc.maxsockbuf=16777216
# increase netgraph kernel params
net.graph.maxdata=65535
net.graph.maxalloc=65535
sysctl.conа
Код:
# cat /etc/sysctl.conf
# Uncomment this to prevent users from seeing information about processes that
# are being run under another UID.
#security.bsd.see_other_uids=0
kern.ipc.maxsockbuf=16777216
kern.ipc.somaxconn=1024
Вход
Регистрация
Поиск
netstat -m