Title: EFW 2.4.1 - TCP/IP number of sessions Post by: NOX on Wednesday 16 March 2011, 06:34:17 am Hi All
Have a strange issue here and hope the guru's out there could shed some light onto it. Our EFW 2.4.1 has a GREEN int. and a RED int. The RED int. is connected to a NETMODEM 3100 (VSAT). This last 2 weeks we have been experiencing consistent drop outs, but only during office hours and only during the day. Today purely by luck we learned that the NETMODEM memory reaches some kind of buffer limit and tries to restart, which sometimes it does and other times it just hangs. Anyways the reason for this behaviour is the number of "sessions" exceed what the NETMODEM can handle. Upstream ISP and web not helpful in how many it can actually handle either. So two questions, 1.) How can I prove the number of sessions, source and destination of these sessions ? (Graph ? for specific internal IP) 2.) Is there a way to force EFW to NOT exceed "X" nnumber of sessions ? UOI; Snort is enable and ALL rules have been activated. Any assistance / ideas would greatly be appreciated. Thanks in advance. |