mpd5 зависает непонятно сесии держатся около 730, а при подключении пишет 800 вот конфиг ядра и мпд. Но не всегда бывает работает нормально и при таком количестве пользователей.
нат не используется, все реальные айпи адреса, пайпов нету в фаерволе, нагрузка проца до 100%
проц ксеон с серверной мамкой
cpu<---><------>I686_CPU
ident<-><------>STABLYA
makeoptions<--->DEBUG=-g<------><------># Build kernel with gdb(1) debug symbols
options <------>SCHED_ULE<-----><------># ULE scheduler
options <------>PREEMPTION<----><------># Enable kernel thread preemption
options <------>INET<--><------><------># InterNETworking
#options <----->INET6<-><------><------># IPv6 communications protocols
options <------>SCTP<--><------><------># Stream Control Transmission Protocol
options <------>FFS<---><------><------># Berkeley Fast Filesystem
options <------>SOFTUPDATES<---><------># Enable FFS soft updates support
options <------>UFS_ACL><------><------># Support for access control lists
options <------>UFS_DIRHASH<---><------># Improve performance on big directories
options <------>UFS_GJOURNAL<--><------># Enable gjournal-based UFS journaling
options <------>MD_ROOT><------><------># MD is a potential root device
#options <----->NFSCLIENT<-----><------># Network Filesystem Client
#options <----->NFSSERVER<-----><------># Network Filesystem Server
#options <----->NFSLOCKD<------><------># Network Lock Manager
#options <----->NFS_ROOT<------><------># NFS usable as /, requires NFSCLIENT
#options <----->MSDOSFS><------><------># MSDOS Filesystem
#options <----->CD9660<><------><------># ISO 9660 Filesystem
options <------>PROCFS<><------><------># Process filesystem (requires PSEUDOFS)
options <------>PSEUDOFS<------><------># Pseudo-filesystem framework
options <------>GEOM_PART_GPT<-><------># GUID Partition Tables.
options <------>GEOM_LABEL<----><------># Provides labelization
options <------>COMPAT_43TTY<--><------># BSD 4.3 TTY compat [KEEP THIS!]
options <------>COMPAT_FREEBSD4><------># Compatible with FreeBSD4
options <------>COMPAT_FREEBSD5><------># Compatible with FreeBSD5
options <------>COMPAT_FREEBSD6><------># Compatible with FreeBSD6
#options <----->SCSI_DELAY=5000><------># Delay (in ms) before probing SCSI
options <------>KTRACE<><------><------># ktrace(1) support
options <------>STACK<-><------><------># stack(9) support
options <------>SYSVSHM><------><------># SYSV-style shared memory
options <------>SYSVMSG><------><------># SYSV-style message queues
options <------>SYSVSEM><------><------># SYSV-style semaphores
options <------>_KPOSIX_PRIORITY_SCHEDULING # POSIX P1003_1B real-time extensions
options <------>KBD_INSTALL_CDEV<------># install a CDEV entry in /dev
options <------>ADAPTIVE_GIANT<><------># Giant mutex is adaptive.
options <------>STOP_NMI<------><------># Stop CPUS using NMI instead of IPI
options <------>AUDIT<-><------><------># Security event auditing
#options <----->KDTRACE_HOOKS<-><------># Kernel DTrace hooks
# To make an SMP kernel, the next two lines are needed
options <------>SMP<---><------><------># Symmetric MultiProcessor Kernel
device<><------>apic<--><------><------># I/O APIC
# CPU frequency control
device<><------>cpufreq
# Bus support.
#device><------>eisa
device<><------>pci
# Floppy drives
#device><------>fdc
# ATA and ATAPI devices
device<><------>ata
device<><------>atadisk><------># ATA disk drives
device<><------>ataraid><------># ATA RAID drives
options <------>ATA_STATIC_ID<-># Static device numbering
options NETGRAPH<------>..
options NETGRAPH_PPP<-->..
options NETGRAPH_PPTPGRE.....
#options NETGRAPH_L2TP....
options IPFIREWALL
options IPFIREWALL_DEFAULT_TO_ACCEPT
options><------>IPFIREWALL_FORWARD
options IPDIVERT
options DUMMYNET
options DEVICE_POLLING
#options<------><------>SMP
options><------>HZ=1000
кто знает что может быть. помогитеstartup:
# enable TCP-Wrapper (hosts_access(5)) to block unfriendly clients
set global enable tcp-wrapper
# configure the console
set console self хх.хх.хх.хх 5005
set user admin mpdsecret admin
set console open
#WEB managment
#set web self 0.0.0.0 5006
#set web open
#Netflow options
set netflow peer 127.0.0.1 9996
set netflow self 127.0.0.1 9900
set netflow timeouts 15 15
set netflow hook 9000
default:
load pptp_server
pptp_server:
set ippool add pool1 хх.ххх.ххх.0 хх.ххх.ххх.255
# Create clonable bundle template named B
create bundle template B
set iface enable proxy-arp
set iface idle 1800
set iface enable tcpmssfix
set ipcp yes vjcomp
# Specify IP address pool for dynamic assigment.
set ipcp ranges хх.хх.хх.хх ippool pool1
set ipcp dns хх.хх.хх.хх
# The five lines below enable Microsoft Point-to-Point encryption
# (MPPE) using the ng_mppc(8) netgraph node type.
set bundle enable compression
set ccp yes mppc
set mppc yes e40
set mppc yes e128
set mppc yes stateless
# Create clonable link template named L
create link template L pptp
# Set bundle template to use
set link action bundle B
set link enable peer-as-calling
# Multilink adds some overhead, but gives full 1500 MTU.
set link enable multilink
set link yes acfcomp protocomp
set link no pap chap
set link enable chap
set link keep-alive 10 60
# We reducing link mtu to avoid GRE packet fragmentation
set link mtu 1460
# Configure PPTP
# ....... IP .. ....... ..... ............. ..........
set pptp self хх.ххх.хх.хх
# Allow to accept calls
set link enable incoming
load radius
radius:
#IP, ...... . ..... RADIUS-.......
set radius server хх.ххх.хх.хх mpd2secret 1812 1813
#set radius config /etc/radius.conf
set radius timeout 10
set auth acct-update 300
set auth enable radius-auth
set auth enable radius-acct
set radius retries 3
set auth disable internal