Patches from Julian Anastasov works only as he mentioned for 2.4 series of kernels His patches are untested for 2.6 kernels 2.6.17 kernel das not suppose to have this bug cos it was fixed earlier in 2.6.16 My advise is to switch from 2.6.17 to 2.6.16.29 or lather and avoid patches from Julian there are other ways to perform same task without patches. Frédéric Massot wrote: > Ivan Vladimirov wrote: >> Frédéric Massot wrote: >>> Hi, >>> >>> I regularly have errors (kernel: dst cache overflow) and crash of a >>> firewall under Linux 2.6.17 and the route patch from Julian Anastasov. >>> >>> With rtstat I see that the route cache size increases regularly without >>> never decreasing. >>> >>> I have this parameters: >>> fw:/proc/sys/net/ipv4/route# grep . * >>> error_burst:1250 >>> error_cost:250 >>> gc_elasticity:15 >>> gc_interval:60 >>> gc_min_interval:0 >>> gc_min_interval_ms:500 >>> gc_thresh:4096 >>> gc_timeout:300 >>> max_delay:10 >>> max_size:65536 >>> min_adv_mss:256 >>> min_delay:2 >>> min_pmtu:552 >>> mtu_expires:600 >>> redirect_load:5 >>> redirect_number:9 >>> redirect_silence:5120 >>> secret_interval:600 >>> >>> I can increase the maximum size of the cache, but that will do nothing >>> but delay the crash. >>> >>> Can you help me? >>> >>> Regards. >> max_size=65536 >> is to low increase size to 256k > > Hi, > > I supervised the system during a few weeks with slabtop and rtstat. > > What I could see, it is that the ip_dst_cache cache grow without never > being cleaned by the garbage collector. > > At the end of a few days, the traffic is slowed down and the customer > restart the firewall. When the cache reaches its maximum value there > is the error message (kernel: dst cache overflow) and the traffic is > really disturbed. > > I use the Linux kernel 2.6.17 and the route patch from Julian Anastasov. > > - The bug comes from the kernel or the patch? > > - Do you know if this bug were corrected in the new versions of the > kernel? > > Regards.
_______________________________________________ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc