From owner-freebsd-pf@FreeBSD.ORG  Thu Sep 16 03:56:23 2004
Return-Path: <owner-freebsd-pf@FreeBSD.ORG>
Delivered-To: freebsd-pf@freebsd.org
Received: by hub.freebsd.org (Postfix, from userid 674)
	id D633016A4D5; Thu, 16 Sep 2004 03:56:23 +0000 (GMT)
Delivered-To: mlaier@vampire.homelinux.org
Received: (qmail 45192 invoked by uid 1005); 14 Nov 2003 09:28:35 -0000
Delivered-To: max@vampire.homelinux.org
Received: (qmail 45189 invoked from network); 14 Nov 2003 09:28:35 -0000
Received: from moutng.kundenserver.de (212.227.126.188)
  by pd95307cb.dip.t-dialin.net with SMTP; 14 Nov 2003 09:28:35 -0000
Received: from [212.227.126.159] (helo=mxng09.kundenserver.de)
	by moutng4.kundenserver.de with esmtp (Exim 3.35 #1)
	id 1AKaCp-000318-00
	for max@vampire.homelinux.org; Fri, 14 Nov 2003 10:25:31 +0100
Received: from [206.53.239.180] (helo=turing.freelists.org)
	by mxng09.kundenserver.de with esmtp (Exim 3.35 #1)
	id 1AKaCn-0007NX-00
	for max@love2party.net; Fri, 14 Nov 2003 10:25:29 +0100
Received: from turing (localhost [127.0.0.1])ESMTP
	id 9D437390AD6; Fri, 14 Nov 2003 04:13:51 -0500 (EST)
Received: with ECARTIS (v1.0.0; list pf4freebsd);
	Fri, 14 Nov 2003 04:13:43 -0500 (EST)
X-Original-To: pf4freebsd@freelists.org
Delivered-To: pf4freebsd@freelists.org
Received: from ns.kt-is.co.kr (ns.kt-is.co.kr [211.218.149.125])
	ESMTP id 380F8390ACF
	for <pf4freebsd@freelists.org>; Fri, 14 Nov 2003 04:13:41 -0500 (EST)
Received: from michelle.kt-is.co.kr ([211.55.51.210])
	(authenticated bits=128)
	by ns.kt-is.co.kr (8.12.10/8.12.10) with ESMTP id hAE9MSAh064341
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL);
	Fri, 14 Nov 2003 18:22:29 +0900 (KST)
Received: from michelle.kt-is.co.kr (localhost.kt-is.co.kr [127.0.0.1])
	by michelle.kt-is.co.kr (8.12.9/8.12.9) with ESMTP id hAE9OUWV032724
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO);
	Fri, 14 Nov 2003 18:24:30 +0900 (KST)
	(envelope-from yongari@kt-is.co.kr)
Received: (from yongari@localhost)
	by michelle.kt-is.co.kr (8.12.9/8.12.9/Submit) id hAE9OOAH032723;
	Fri, 14 Nov 2003 18:24:24 +0900 (KST)
	(envelope-from yongari@kt-is.co.kr)
From: Pyun YongHyeon <yongari@kt-is.co.kr>
To: pf4freebsd@freelists.org
Message-ID: <20031114092424.GA32359@kt-is.co.kr>
References: <3FB2ACA6.7030302@kasimir.com>
	<20031112220709.GO17343@insomnia.benzedrine.cx> <3FB2B203.1030704@kasimir.com>
	<3FB2B5AB.50601@kasimir.com> <20031113163911.GR17343@insomnia.benzedrine.cx>
	<3FB3EBBA.5070405@kasimir.com>
Mime-Version: 1.0
Content-type: text/plain;
  charset=us-ascii
Content-Disposition: inline
In-Reply-To: <3FB3EBBA.5070405@kasimir.com>
User-Agent: Mutt/1.4.1i
X-Filter-Version: 1.11a (ns.kt-is.co.kr)
X-archive-position: 216
X-ecartis-version: Ecartis v1.0.0
Sender: pf4freebsd-bounce@freelists.org
Errors-To: pf4freebsd-bounce@freelists.org
X-original-sender: yongari@kt-is.co.kr
Precedence: normal
X-list: pf4freebsd
Content-Transfer-Encoding: quoted-printable
X-Provags-Forward: ad1e83286d02b5e55817d47b0d69ba84
X-UID: 332
X-Length: 4829
X-Mailman-Approved-At: Thu, 16 Sep 2004 03:59:49 +0000
Subject: [pf4freebsd] Re: nfsd send error 1 probably caused by pf ?
X-BeenThere: freebsd-pf@freebsd.org
X-Mailman-Version: 2.1.1
Reply-To: pf4freebsd@freelists.org
List-Id: Technical discussion and general questions about packet filter (pf)
	<freebsd-pf.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-pf>
List-Post: <mailto:freebsd-pf@freebsd.org>
List-Help: <mailto:freebsd-pf-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=subscribe>
Date: Thu, 16 Sep 2004 03:56:24 -0000
X-Original-Date: Fri, 14 Nov 2003 18:24:24 +0900
X-List-Received-Date: Thu, 16 Sep 2004 03:56:24 -0000

On Thu, Nov 13, 2003 at 09:38:18PM +0100, Florian C. Smeets wrote:
 > Daniel Hartmeier wrote:
 > > On Wed, Nov 12, 2003 at 11:35:23PM +0100, Florian C. Smeets wrote:
 > >=20
 > >=20
 > >>I get a lot of these BAD state messages with debug leve misc:
 > >>
 > >>Nov 12 23:32:25 bender kernel: pf: BAD state: TCP 172.30.1.1:2049=20
 > >>172.30.1.1:2049 172.30.1.2:1021 [lo=3D2879006265 high=3D2879023465=20
 > >>win=3D16588 modulator=3D0] [lo=3D1139973024 high=3D1139974122 win=3D=
17200=20
 > >>modulator=3D0] 4:4 A
 > >>  seq=3D1139974472 ack=3D2879006265 len=3D1448 ackskew=3D0 pkts=3D40=
6886:392362=20
 > >>dir=3Din,rev
 > >=20
 > >=20
 > > To prove this theory, you'd need a tcpdump -nvvvS of the entire
 > > connection (or at least a couple of packets before the first BAD sta=
te
 > > message). The connection doesn't use window scaling, so either the p=
eer
 > > is at fault or pf saw a packet reducing your window size which got l=
ost
 > > before the peer saw it. How regularly does this occur?
 > >=20
 >=20
 > I'm going to test this in the weekend. I don't have much time at the m=
oment.
 >=20
 > If i get the time i'm going to try to reproduce this at work tomorrow.
 >=20
 > Thanks alot for your help,
 > flo
 >=20
It seems that your problem is reproducable on my SMP machine.
I used a single rule 'pass out on xl0 keep state'.
However, I can't see 'nfsd send error' message. nfs client
works well even though pf still outputs 'BAD state' message.

Does your xl interface has a facility of H/W checksum offload?
(check with `ifconfig xl0`)

--=20
Pyun YongHyeon <http://www.kr.freebsd.org/~yongari>