Re: carp(4) debugging

Wed, 11 Oct 2006 08:45:16 -0700 

Exciting stuff; totally missed the log sysctl.
The netstat(8) reveals some interesting info about a persistent failover condition: 

$ netstat -sp carp
carp:
        7731906 packets received (IPv4)
        0 packets received (IPv6)
                0 packets discarded for bad interface
                0 packets discarded for wrong TTL
                0 packets shorter than header
                0 discarded for bad checksums
                0 discarded packets with a bad version
                0 discarded because packet too short
                0 discarded for bad authentication
                0 discarded for bad vhid
                0 discarded because of a bad address list
        118961 packets sent (IPv4)
        0 packets sent (IPv6)

**             152 send failed due to mbuf memory error


But yet:

$ netstat -m

        [...snip...]

        290/558/6144 mbuf clusters in use (current/peak/max)
        1224 Kbytes allocated to network (53% in use)
        0 requests for memory denied
        0 requests for memory delayed
        0 calls to protocol drain routines


Which is interesting because an identical backup unit does not exhibit 
these errors at all, even when running as MASTER for weeks at end.



MBuf isn't getting exhausted; MRTG does show interfaces getting staturated 
either.  The machine has an absurd ammount of RAM for a Router, too.



Also interesting how it is printed out, as well, as if it is under the 
IPv6 statistics; however these systems have a userland and kernel compiled 
without IPv6 support.



But since this is 3.7-era code, it's hard to imagine troubleshooting this 
further.  Certainly a 4x upgrade is in order before I go chasing down an 
mbuf exhaustion problem.



This is most likely related somehow to the absurdley high number of max 
states (set limit states 200000, etc.)


~BAS

On Wed, 11 Oct 2006, Ryan McBride wrote:


On Tue, Oct 10, 2006 at 05:50:50PM -0400, Brian A. Seklecki wrote:

Certainly a way to log events (interfaces, etc.) and the resulting actions
taken by the code would be useful in mission critical environments.

Anything beats "tcpdump 'proto carp'" and making guesses from there.


Nothing new to 4.0, but a few of the things you can do besides using
tcpdump are:

route monitor
        - see interface link state change
sysctl net.inet.carp.log=1
        - generates primarily protocol error messages
netstat -sp carp
        - display a number of relevant counters

If you want to do more complicated things, like run commands when carp
interfaces change state, you can have a look at ifstated.

-Ryan



l8*
        -lava (Brian A. Seklecki - Pittsburgh, PA, USA)
               http://www.spiritual-machines.org/

"...from back in the heady days when "helpdesk" meant nothing, "diskquota"
meant everything, and lives could be bought and sold for a couple of pages
of laser printout - and frequently were."















    











					Reply via email to