Re: pf stalls connection when using route-to
On Tue, Apr 13, 2010 at 10:53 AM, Lin Jui-Nan Eric eric...@tamama.org wrote: On Tue, Apr 13, 2010 at 11:19 PM, Jeremy Chadwick free...@jdc.parodius.com wrote: What FreeBSD version? uname -a output please. I have tried 7.2-R and 8.0-R. Both version stalls, too. 8.0-RELEASE: # uname -a FreeBSD bsd8 8.0-RELEASE-p2 FreeBSD 8.0-RELEASE-p2 #3: Wed Mar 3 17:15:52 CST 2010 r...@bsd8:/usr/obj/usr/src/sys/KERNEL amd64 [SNIP] Jack Vogel recently committed an updated, overhauled em(4) driver to 9-CURRENT, which was MFC'd to 8-STABLE: http://svn.freebsd.org/viewvc/base/stable/8/sys/dev/e1000/ Would it be possible for you to try your configuration on one of these newer versions? -Brandon ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
pf stalls connection when using route-to
Hi listers,
We recently found that when the traffic passes pf with route-to, the
connection stalls.
Turning off TSO solves the problem. Our pf.conf is very simple:
table privip const {10/8, 172.16/12, 192.168/16}
pass out quick route-to (em0 10.1.1.1) from privip to ! privip no state
And we have a tcpdump capture file. It shows that there's lots of
duplicate packets and
retransmissions while TSO is enabled. Our NIC is an Intel PRO/1000:
em0: Intel(R) PRO/1000 Network Connection 6.9.14 port 0x2000-0x201f
mem 0xdf20-0xdf21 irq 18 at device 0.0 on pci4
em0: Using MSI interrupt
em0: [FILTER]
Screenshot: http://cf.files.jnlin.org/with-tso.png
Any suggestion? I just turn off the TSO, but I think it is only a workaround.
Sincerely,
Jui-Nan
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: pf stalls connection when using route-to
On Tue, Apr 13, 2010 at 08:17:57PM +0800, Lin Jui-Nan Eric wrote:
We recently found that when the traffic passes pf with route-to, the
connection stalls.
Turning off TSO solves the problem. Our pf.conf is very simple:
table privip const {10/8, 172.16/12, 192.168/16}
pass out quick route-to (em0 10.1.1.1) from privip to ! privip no state
And we have a tcpdump capture file. It shows that there's lots of
duplicate packets and
retransmissions while TSO is enabled. Our NIC is an Intel PRO/1000:
em0: Intel(R) PRO/1000 Network Connection 6.9.14 port 0x2000-0x201f
mem 0xdf20-0xdf21 irq 18 at device 0.0 on pci4
em0: Using MSI interrupt
em0: [FILTER]
Screenshot: http://cf.files.jnlin.org/with-tso.png
Any suggestion? I just turn off the TSO, but I think it is only a workaround.
What FreeBSD version? uname -a output please.
--
| Jeremy Chadwick j...@parodius.com |
| Parodius Networking http://www.parodius.com/ |
| UNIX Systems Administrator Mountain View, CA, USA |
| Making life hard for others since 1977. PGP: 4BD6C0CB |
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: pf stalls connection when using route-to
On Tue, Apr 13, 2010 at 11:19 PM, Jeremy Chadwick free...@jdc.parodius.com wrote: What FreeBSD version? uname -a output please. I have tried 7.2-R and 8.0-R. Both version stalls, too. 8.0-RELEASE: # uname -a FreeBSD bsd8 8.0-RELEASE-p2 FreeBSD 8.0-RELEASE-p2 #3: Wed Mar 3 17:15:52 CST 2010 r...@bsd8:/usr/obj/usr/src/sys/KERNEL amd64 We only added carp in kernel config for HA. # cat /etc/sysctl.conf # $FreeBSD: src/etc/sysctl.conf,v 1.8.34.1.2.1 2009/10/25 01:10:29 kensmith Exp $ # # This file is read when going to multi-user and its contents piped thru # ``sysctl'' to adjust kernel values. ``man 5 sysctl.conf'' for details. # # Uncomment this to prevent users from seeing information about processes that # are being run under another UID. #security.bsd.see_other_uids=0 debug.bootverbose=1 kern.ipc.maxsockbuf=2097152 kern.ipc.somaxconn=8192 kern.maxfiles=65536 kern.maxfilesperproc=32768 kern.maxprocperuid=65536 net.inet.tcp.delayed_ack=0 debug.bootverbose=1 kern.ipc.maxsockbuf=2097152 kern.ipc.somaxconn=8192 kern.maxfiles=65536 kern.maxfilesperproc=32768 kern.maxprocperuid=65536 net.inet.tcp.delayed_ack=0 net.inet.carp.preempt=1 net.inet.carp.arpbalance=1 kern.randompid=9 net.inet.flowtable.enable=0 # cat /boot/loader.conf # coretemp_load=YES geom_mirror_load=YES geom_stripe_load=YES if_em_load=YES kbdmux_load=YES random_load=YES ukdb_load=YES zfs_load=YES # kern.ipc.nmbclusters=0 kern.maxproc=65536 net.inet.tcp.reass.maxsegments=1600 7.2-RELEASE: # uname -a FreeBSD bsd7 7.2-RELEASE-p7 FreeBSD 7.2-RELEASE-p7 #0: Fri Feb 26 22:28:05 UTC 2010 r...@amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC amd64 # cat /etc/sysctl.conf debug.bootverbose=1 kern.ipc.maxsockbuf=2097152 kern.ipc.somaxconn=32768 kern.maxfiles=65536 kern.maxfilesperproc=32768 kern.maxprocperuid=65536 kern.randompid=9 net.inet.icmp.icmplim=65536 net.inet.ip.fastforwarding=1 net.inet.ip.portrange.first=4096 net.inet.tcp.delayed_ack=0 net.inet.tcp.fast_finwait2_recycle=1 net.inet.tcp.maxtcptw=65535 net.inet.tcp.msl=1500 net.inet.tcp.nolocaltimewait=1 vfs.lookup_shared=1 vfs.nfs.prime_access_cache=0 vm.pmap.shpgperproc=2000 # cat /boot/loader.conf # coretemp_load=YES geom_mirror_load=YES geom_stripe_load=YES kbdmux_load=YES random_load=YES ukdb_load=YES zfs_load=YES # kern.ipc.nmbclusters=0 kern.maxproc=65536 vfs.zfs.prefetch_disable=1 vm.kmem_size=1G vm.kmem_size_max=1G net.inet.tcp.reass.maxsegments=1600 ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
