Cedric Berger ([EMAIL PROTECTED]) wrote:Thanks for the report!
Now maybee you could succeed reloading your table with the command: "pfctl -t ban -Tr -f /etc/ban", because this command is more optimized and will allocate less kernel memory. It will run faster too.
Hope that helps, and let us know if you find something with
"vmstat -m" output. If it is PF that leaks kernel memory, we
need to fix that!
Hi again, and thanks for responding earlier. Today is the first time I've
seen the problem happen again. This is probably due to several reboots
which have occurred since I originally reported the problem (some planned
and some unplanned).
During that time, I also updated to a snapshot, and then to 3.4-current by source. I'm currently running 3.4-current from Feb 23.
pegasus:~$ sudo vi /etc/ban Password: pegasus:~$ sudo pfctl -t ban -Tr -f /etc/ban pfctl: Cannot allocate memory.
Here's what vmstat -m says:
Memory statistics by type Type Kern
Type InUse MemUse HighUse Limit Requests Limit Limit Size(s)
devbuf 1028 1431K 1431K 39322K 1091 0 0 16,32,64,128,256,512,1024,2048,4096,16384,32768,65536
pcb 66 6K 7K 39322K 15838 0 0 16,32,64,512
routetbl279631 39322K 39322K 39322K 1148926 0 0 16,32,64,128,256
Here is the problem I think: 40MB of kernel memory for routing table entries...
It might be PF table stuff..., not sure yet.
Do you reload your "ban" table very often? Do you you have a big routing table, or IPSec table? Cedric
