wed Опубликовано 7 января, 2011 · Жалоба netstat -i Name Mtu Network Address Ipkts Ierrs Opkts Oerrs Coll inet1 1500 <Link#1> 00:0e:04:b7:17:f0 1323191909 562 414941296 0 0 inet1 1500 x.x.x.x x.x.x.x 191870052 - 198968373 - - rkm 1500 <Link#3> 00:0d:61:12:59:c6 935300279 1 1262669760 1 0 rkm 1500 192.168.70.0 192.168.70.1 927028 - 39293 - - rkm 1500 192.168.130.0 192.168.130.1 78846 - 3362 - - berez 1500 <Link#4> 00:0d:61:12:59:c7 3590193056 412 4148647759 1 0 berez 1500 192.168.71.0 192.168.71.1 2837524 - 180349 - - berez 1500 192.168.131.0 192.168.131.1 10476 - 9400 - - berez 1500 10.0.0.0 10.90.90.91 102467 - 520 - - lo0 16384 <Link#5> 433 0 433 0 0 lo0 16384 fe80:5::1 fe80:5::1 0 - 0 - - lo0 16384 localhost ::1 0 - 0 - - lo0 16384 your-net localhost 418 - 418 - - tcp: 27898056 packets sent 13896851 data packets (281289971 bytes) 62717 data packets (2545319 bytes) retransmitted 48444 data packets unnecessarily retransmitted 0 resends initiated by MTU discovery 13771221 ack-only packets (156700 delayed) 0 URG only packets 0 window probe packets 76 window update packets 167256 control packets 91043936 packets received 14131470 acks (for 294726395 bytes) 128447 duplicate acks 0 acks for unsent data 14069150 packets (210789171 bytes) received in-sequence 28008 completely duplicate packets (755763 bytes) 2 old duplicate packets 54 packets with some dup. data (11952 bytes duped) 2399 out-of-order packets (94038 bytes) 0 packets (0 bytes) of data after window 0 window probes 6640958 window update packets 3 packets received after close 883 discarded for bad checksums 2 discarded for bad header offset fields 0 discarded because packet too short 0 discarded due to memory problems 46772 connection requests 6722046 connection accepts 0 bad connection attempts 0 listen queue overflows 543 ignored RSTs in the windows 6768086 connections established (including accepts) 6772271 connections closed (including 265 drops) 116008 connections updated cached RTT on close 116043 connections updated cached RTT variance on close 84498 connections updated cached ssthresh on close 209 embryonic connections dropped 14130143 segments updated rtt (of 7389517 attempts) 64642 retransmit timeouts 36 connections dropped by rexmit timeout 0 persist timeouts 0 connections dropped by persist timeout 0 Connections (fin_wait_2) dropped because of timeout 100 keepalive timeouts 93 keepalive probes sent 7 connections dropped by keepalive 5826 correct ACK header predictions 6862083 correct data packet header predictions 6722503 syncache entries added 40997 retransmitted 4385 dupsyn 87468 dropped 6722046 completed 0 bucket overflow 0 bucket overflow 0 cache overflow 367 reset 85 stale 0 aborted 0 badack 7 unreach 0 zone failures 6809971 cookies sent 2 cookies received 186 SACK recovery episodes 140 segment rexmits in SACK recovery episodes 21052 byte rexmits in SACK recovery episodes 13654 SACK options (SACK blocks) received 146 SACK options (SACK blocks) sent 0 SACK scoreboard overflow udp: 104744454 datagrams received 0 with incomplete header 77 with bad data length field 1820 with bad checksum 2821856 with no checksum 100585891 dropped due to no socket 3627349 broadcast/multicast datagrams undelivered 0 dropped due to full socket buffers 0 not for hashed pcb 529317 delivered 16430130 datagrams output 0 times multicast source filter matched sctp: 0 input packets 0 datagrams 0 packets that had data 0 input SACK chunks 0 input DATA chunks 0 duplicate DATA chunks 0 input HB chunks 0 HB-ACK chunks 0 input ECNE chunks 0 input AUTH chunks 0 chunks missing AUTH 0 invalid HMAC ids received 0 invalid secret ids received 0 auth failed 0 fast path receives all one chunk 0 fast path multi-part data 0 output packets 0 output SACKs 0 output DATA chunks 0 retransmitted DATA chunks 0 fast retransmitted DATA chunks 0 FR's that happened more than once to same chunk 0 intput HB chunks 0 output ECNE chunks 0 output AUTH chunks 0 ip_output error counter Packet drop statistics: 0 from middle box 0 from end host 0 with data 0 non-data, non-endhost 0 non-endhost, bandwidth rep only 0 not enough for chunk header 0 not enough data to confirm 0 where process_chunk_drop said break 0 failed to find TSN 0 attempt reverse TSN lookup 0 e-host confirms zero-rwnd 0 midbox confirms no space 0 data did not match TSN 0 TSN's marked for Fast Retran Timeouts: 0 iterator timers fired 0 T3 data time outs 0 window probe (T3) timers fired 0 INIT timers fired 0 sack timers fired 0 shutdown timers fired 0 heartbeat timers fired 0 a cookie timeout fired 0 an endpoint changed its cookiesecret 0 PMTU timers fired 0 shutdown ack timers fired 0 shutdown guard timers fired 0 stream reset timers fired 0 early FR timers fired 0 an asconf timer fired 0 auto close timer fired 0 asoc free timers expired 0 inp free timers expired 0 packet shorter than header 0 checksum error 0 no endpoint for port 0 bad v-tag 0 bad SID 0 no memory 0 number of multiple FR in a RTT window 0 RFC813 allowed sending 0 RFC813 does not allow sending 0 times max burst prohibited sending 0 look ahead tells us no memory in interface 0 numbers of window probes sent 0 times an output error to clamp down on next user send 0 times sctp_senderrors were caused from a user 0 number of in data drops due to chunk limit reached 0 number of in data drops due to rwnd limit reached 0 times a ECN reduced the cwnd 0 used express lookup via vtag 0 collision in express lookup 0 times the sender ran dry of user data on primary 0 same for above 0 sacks the slow way 0 window update only sacks sent 0 sends with sinfo_flags !=0 0 unordered sends 0 sends with EOF flag set 0 sends with ABORT flag set 0 times protocol drain called 0 times we did a protocol drain 0 times recv was called with peek 0 cached chunks used 0 cached stream oq's used 0 unread messages abandonded by close 0 send burst avoidance, already max burst inflight to net 0 send cwnd full avoidance, already max burst inflight to net 0 number of map array over-runs via fwd-tsn's ip: 2692682332 total packets received 5164 bad header checksums 0 with size smaller than minimum 845 with data size < data length 0 with ip length > max ip packet size 0 with header length < data size 0 with data length < header length 0 with bad options 11734 with incorrect version number 2391 fragments received 0 fragments dropped (dup or out of space) 192 fragments dropped after timeout 939 packets reassembled ok 195903671 packets for this host 8774 packets for unknown/unsupported protocol 1344037707 packets forwarded (0 packets fast forwarded) 191132 packets not forwardable 100 packets received for unknown multicast group 0 redirects sent 200980459 packets sent from this host 0 packets sent with fabricated ip header 60 output packets dropped due to no bufs, etc. 0 output packets discarded due to no route 33 output datagrams fragmented 67 fragments created 756 datagrams that can't be fragmented 0 tunneling packets that can't find gif 6 datagrams with bad address in header icmp: 100553047 calls to icmp_error 248 errors not generated in response to an icmp message Output histogram: echo reply: 109408 destination unreachable: 100551151 time exceeded: 1648 0 messages with bad code fields 0 messages less than the minimum length 31 messages with bad checksum 0 messages with bad length 4 multicast echo requests ignored 0 multicast timestamp requests ignored Input histogram: echo reply: 343 destination unreachable: 4208 source quench: 8 echo: 109412 time exceeded: 1267 109408 message responses generated 10 invalid return addresses 0 no return routes ICMP address mask responses are disabled Медиаконвертеры - дело не в них, они менялись несколько раз, разных фирм, разные устройства. На самой машине - имеется в виду прокси-сервер? если да то после праздников попробую поставить какой-нибудь легкий прокси-сервер типа oops или polipo. Вставить ник Цитата Ответить с цитированием Поделиться сообщением Ссылка на сообщение Поделиться на других сайтах More sharing options...
Ivan_83 Опубликовано 7 января, 2011 · Жалоба ip: 2692682332 total packets received 5164 bad header checksums 845 with data size < data length 11734 with incorrect version number покопавшись у себя нашёл только в одном ошибки, это за 60 суток, как видно почти без нагрузки ip: 86658332 total packets received 3622 bad header checksums остальные счётчики по нулям icmp: 100553047 calls to icmp_error 248 errors not generated in response to an icmp message Output histogram: echo reply: 109408 destination unreachable: 100551151 У вас так и должно быть много?(по правилам фаера) Сквид тоже лёгкий, на самом деле, при сборке снять галочки только нужно. И как вариант всегда есть воткнутся напрямую ноутом в провод до прова и попробовать с него. Вставить ник Цитата Ответить с цитированием Поделиться сообщением Ссылка на сообщение Поделиться на других сайтах More sharing options...
st_re Опубликовано 10 января, 2011 · Жалоба А, compute-1.amazonaws.com. куда машина так массово ходит по https, это нормально ? Ну так, чтобы исключить какого трояна, ломающего пароли-рассылающего спам итд... Вставить ник Цитата Ответить с цитированием Поделиться сообщением Ссылка на сообщение Поделиться на других сайтах More sharing options...
