From owner-freebsd-stable Sun Jul 25 4: 0:48 1999 Delivered-To: freebsd-stable@freebsd.org Received: from awfulhak.org (dynamic-99.max1-du-ws.dialnetwork.pavilion.co.uk [212.74.8.99]) by hub.freebsd.org (Postfix) with ESMTP id 8197B15186 for ; Sun, 25 Jul 1999 04:00:18 -0700 (PDT) (envelope-from brian@Awfulhak.org) Received: from keep.lan.Awfulhak.org (root@keep.lan.Awfulhak.org [172.16.0.8]) by awfulhak.org (8.9.3/8.9.3) with ESMTP id LAA12999; Sun, 25 Jul 1999 11:52:44 +0100 (BST) (envelope-from brian@lan.awfulhak.org) Received: from keep.lan.Awfulhak.org (brian@localhost [127.0.0.1]) by keep.lan.Awfulhak.org (8.9.3/8.9.3) with ESMTP id LAA71084; Sun, 25 Jul 1999 11:53:12 +0100 (BST) (envelope-from brian@keep.lan.Awfulhak.org) Message-Id: <199907251053.LAA71084@keep.lan.Awfulhak.org> X-Mailer: exmh version 2.0.2 2/24/98 To: Carroll Kong Cc: freebsd-stable@FreeBSD.ORG Subject: Re: NATD 3.2-Release Issues? In-reply-to: Your message of "Sun, 25 Jul 1999 01:21:32 EDT." <4.2.0.58.19990725010824.01312ce0@email.eden.rutgers.edu> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Sun, 25 Jul 1999 11:53:12 +0100 From: Brian Somers Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Please don't send messages individually to me and then to a list. Send to both at the same time with the same message - it wastes less of peoples time. This is my answer to your personal email with the same content: : Hi, : : The ``host is down'' message just means it's getting no response from : a directly connected host. I'm not sure what the question is here. : If you're trying to send stuff via your cable-providers server, : surely this means it's not responding ? : : BTW, you're best bet is to at least cc freebsd-questions as you're : more likely to find a better answer there. > Hi guys. I have been using 3.2-Release for quite some time now as a > natd. Normally I have no problems with this setup at all. However, I just > realized, after perusing my logs, I have been getting this error. > > Jul 18 17:58:41 daemon natd[107]: failed to write packet back (Host is down) > Jul 18 17:58:41 daemon natd[107]: failed to write packet back (No route to > host) > Jul 18 17:58:45 daemon natd[107]: failed to write packet back (No route to > host) > > (I only greped for natd in this case, it naturally has the 'last message > repeated' for quite some time in between logs) > > > Normally I get this error when my 'cable' modem goes down, so it makes > sense that there is no route to host. However, as I checked the more > recent logs. > > Jul 25 00:06:07 daemon natd[107]: failed to write packet back (Host is down) > Jul 25 00:06:12 daemon last message repeated 3 times > Jul 25 00:45:30 daemon natd[107]: failed to write packet back (Host is down) > Jul 25 00:51:54 daemon last message repeated 18 times > > Now, this error is a bit different. There is no '(No route to host)' error > this time. And, I get this error yet the cable modem interface did NOT go > down. I do not think I changed anything significant, however, I did add > these kernel options around the '5th of june'. > > pseudo-device bpfilter 4 #Berkeley packet filter > > #NATD > options IPFIREWALL > options IPDIVERT > > #DUMMYNET > options IPFIREWALL_VERBOSE > options IPFIREWALL_VERBOSE_LIMIT=10 > options DUMMYNET > options NMBCLUSTERS=1024 > > #SOFTUPDATES > options SOFTUPDATES > > #NCFTPD SHARED MEM > #options SHMMAXPGS=1024 > > #SHARED MEM OPTIONS FROM LINT > options SHMALL=1025 > options "SHMMAX=(SHMMAXPGS*PAGE_SIZE+1)" > options SHMMAXPGS=1025 > options SHMMIN=2 > options SHMMNI=33 > options SHMSEG=9 > > Ok. Now, I do use dummynet, however, using ipfw show, there was no usage > on that particular "pipe". The machine has maxusers set to 128, and is a > k6-200 with 32 megs of ram, using Dec PCI nics (two of them), on an > asus97-XE, TX Chipset. I really think the issue is software based over > hardware since previous logs did not have such a "large" amount of this > natd failure to write back. (previous to the 5th of july which was the > last time I modified my new kernel file). I also run these services on top > of the standard ones, like apache13+php3 with ssl, and I added my own > loadable module, mod_fastcgi, mysqld, postgresql, ncftpd, socks5, sshd, > with the default tcp wrapper, telnetd, and ftpd. (Hm. I could eliminate > running mysqld, even I only have 32 megs of ram, my machine 'does' seem ok > with the 'load', Kudos to FreeBSD power!). > > Now, I highly doubt if I just remake world it will 'fix' anything, however, > I am ready to remake world since I am using 3.2-RELEASE. However, I was > not aware of any significant fixes done to natd code during this > time. (sorry if I missed it, by the way, is there a direct listing of > fixes that grows as we progress through stable? I know it is cumbersome > though, and we must as well just add the list in each release, but just > curious for convenience sake). > > Ok. So, are any of my options somewhat "limiting" and causing a pipe to be > full or something odd like that? Or is this a known problem and I should > consider getting my machine 'synched' with 3.2-STABLE? It has to be my > kernel setup or a 'bug' that has been squashed some how, right? > > On the side, could it be my bpf filter is not high enough? I do use dhcpd, > but I only host maybe 3 clients. (they are not always even on all the time). > > Thanks in advance, I am sure we can find a solution for this problem. > > -Carroll Kong -- Brian Don't _EVER_ lose your sense of humour ! To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message