Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 15 Mar 2004 16:47:20 +0800
From:      "chenbo" <chenbo@egotop.com>
To:        freebsd-net@freebsd.org <freebsd-net@freebsd.org>
Subject:   help:FreeBSD4.8+IP Filter: v3.4.32,and error:/kernel: in_cksum: out of data by 3
Message-ID:  <20040315084726.3070B43D46@mx1.FreeBSD.org>

next in thread | raw e-mail | index | archive | help
Hi:
  I have installed the FreeBSD4.8 and IP Filter3.4.32.
  The FreeBSD BOX is used to NAT.
  But , i always get the messages "in_cksum: out of data by 3" , And the IP Packets always are droped.
  How to resolve the problem?



the message is:
cat /var/log/messages
Mar  8 17:13:49 nat /kernel: in_cksum: out of data by 2
Mar  8 17:14:19 nat last message repeated 4 times
Mar  8 20:10:03 nat /kernel: in_cksum: out of data by 4
Mar  9 11:59:47 nat /kernel: in_cksum: out of data by 2
Mar  9 11:59:48 nat /kernel: in_cksum: out of data by 2
Mar  9 12:40:06 nat /kernel: in_cksum: out of data by 2
Mar  9 13:32:47 nat /kernel: in_cksum: out of data by 2
Mar  9 17:27:48 nat /kernel: in_cksum: out of data by 2
Mar  9 17:28:16 nat last message repeated 3 times
Mar  9 17:37:19 nat /kernel: in_cksum: out of data by 3
Mar  9 18:04:03 nat /kernel: in_cksum: out of data by 1
Mar  9 19:35:19 nat /kernel: in_cksum: out of data by 2
Mar  9 19:35:23 nat last message repeated 2 times
Mar 10 09:27:43 nat /kernel: in_cksum: out of data by 2
Mar 10 15:43:08 nat /kernel: in_cksum: out of data by 3
Mar 10 15:43:09 nat /kernel: in_cksum: out of data by 3
Mar 10 19:22:34 nat /kernel: in_cksum: out of data by 2
Mar 10 19:22:55 nat last message repeated 4 times
Mar 12 19:30:00 nat /kernel: in_cksum: out of data by 3
Mar 12 20:48:29 nat /kernel: in_cksum: out of data by 3
Mar 13 13:56:40 nat /kernel: in_cksum: out of data by 3
Mar 13 15:45:40 nat /kernel: in_cksum: out of data by 1
Mar 13 16:25:45 nat /kernel: in_cksum: out of data by 3
Mar 13 16:25:53 nat /kernel: in_cksum: out of data by 3
Mar 13 18:28:38 nat /kernel: in_cksum: out of data by 2
Mar 13 18:42:54 nat /kernel: in_cksum: out of data by 3
Mar 13 18:42:57 nat last message repeated 2 times
Mar 13 19:04:05 nat /kernel: in_cksum: out of data by 1
Mar 13 19:33:58 nat /kernel: in_cksum: out of data by 3
Mar 13 19:34:16 nat last message repeated 3 times
Mar 15 16:06:10 nat /kernel: in_cksum: out of data by 1
Mar 15 16:06:37 nat last message repeated 4 times



the system information is:

nat# netstat -m
213/432/240000 mbufs in use (current/peak/max):
        213 mbufs allocated to data
211/432/60000 mbuf clusters in use (current/peak/max)
972 Kbytes allocated to network (0% of mb_map in use)
0 requests for memory denied
0 requests for memory delayed
0 calls to protocol drain routines

nat# netstat -in
Name  Mtu   Network       Address            Ipkts Ierrs    Opkts Oerrs  Coll
fxp0  1500  <Link#1>    xx:xx:xx:xx:xx:xx 3630613020    14 3601258558     0     0
fxp0  1500  xx.xx.xx.xx     xx.xx.xx.xx         7201     -  1332493     -     -
xl0   1500  <Link#2>    xx:xx:xx:xx:xx:xx 4036405001     1 3534131265     0     0
xl0   1500  xx.xx.xx.xx  xx.xx.xx.xx       285499286     -    11105     -     -
xl0   1500  xx.xx.xx.xx  xx.xx.xx.xx       4058     -        0     -     -
ppp0* 1500  <Link#3>                             0     0        0     0     0
lo0   16384 <Link#4>                            28     0       28     0     0
lo0   16384 127           127.0.0.1              0     -        0     -     -
nat#

nat# vmstat 1
 procs      memory      page                   disk   faults      cpu
 r b w     avm    fre  flt  re  pi  po  fr  sr ad0   in   sy  cs us sy id
 0 0 0   27516 790040    1   0   0   0   1   0   0  746   14   6  0 17 83
 0 0 0   27516 790036    5   0   0   0   0   0   0 19842   23   8  0 40 60
 0 0 0   27516 790036    3   0   0   0   0   0   0 19614   23   8  0 46 54
 0 0 0   27516 790036    3   0   0   0   0   0   3 20335   23   8  0 37 63
 0 0 0   27516 790036    3   0   0   0   0   0   0 20996   23   8  0 49 51
 0 0 0   27516 790036    3   0   0   0   0   0   1 19973   23   9  0 45 55
 0 0 0   27516 790036    3   0   0   0   0   0   0 20990   23   8  0 42 58
 0 0 0   27516 790036    3   0   0   0   0   0   0 20368   27   9  0 43 57
^C

nat# cat /boot/loader.conf
userconfig_script_load="YES"
hw.ata.wc="1" 
kern.ipc.nmbclusters="60000"

nat# cat /etc/sysctl.conf
vfs.vmiodirenable=1
kern.ipc.maxsockbuf=2097152
kern.ipc.somaxconn=8192
kern.ipc.maxsockets=16424
kern.maxfiles=65536
kern.maxfilesperproc=32768
net.inet.tcp.rfc1323=1
net.inet.tcp.delayed_ack=0
net.inet.tcp.sendspace=65535
net.inet.tcp.recvspace=65535
net.inet.udp.recvspace=65535
net.inet.udp.maxdgram=57344
net.local.stream.recvspace=65535
net.local.stream.sendspace=65535
net.inet.ipf.fr_tcpidletimeout=7200
net.inet.ipf.fr_tcpclosewait=120
net.inet.ipf.fr_tcplastack=120
net.inet.ipf.fr_tcptimeout=240
net.inet.ipf.fr_tcpclosed=60
net.inet.ipf.fr_tcphalfclosed=300
net.inet.ipf.fr_udptimeout=90
net.inet.ipf.fr_icmptimeout=35
net.link.ether.inet.log_arp_wrong_iface=0
net.inet.icmp.drop_redirect=1
net.inet.icmp.icmplim_output=0
net.inet.tcp.blackhole=2  
net.inet.udp.blackhole=1  
net.inet.icmp.icmplim=300

nat# ipnat -l |wc
   31572  279674 2310903

Dec 31 19:40:59 nat /kernel: Copyright (c) 1992-2003 The FreeBSD Project.
Dec 31 19:40:59 nat /kernel: Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
Dec 31 19:40:59 nat /kernel: The Regents of the University of California. All rights reserved.
Dec 31 19:40:59 nat /kernel: FreeBSD 4.8-RELEASE #1: Fri Sep 12 09:04:24 CST 2003
Dec 31 19:40:59 nat /kernel: Timecounter "i8254"  frequency 1193182 Hz
Dec 31 19:40:59 nat /kernel: Timecounter "TSC"  frequency 2398856292 Hz
Dec 31 19:40:59 nat /kernel: CPU: Intel(R) Pentium(R) 4 CPU 2.40GHz (2398.86-MHz 686-class CPU)
Dec 31 19:40:59 nat /kernel: Origin = "GenuineIntel"  Id = 0xf29  Stepping = 9
Dec 31 19:40:59 nat /kernel: Features=0xbfebfbff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CLFLUSH,DTS
,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE>
Dec 31 19:40:59 nat /kernel: real memory  = 1065353216 (1040384K bytes)
Dec 31 19:40:59 nat /kernel: avail memory = 1033474048 (1009252K bytes)
Dec 31 19:40:59 nat /kernel: Preloaded elf kernel "kernel" at 0xc02f0000.
Dec 31 19:40:59 nat /kernel: Pentium Pro MTRR support enabled

Dec 31 19:40:59 nat /kernel: IP Filter: v3.4.32 initialized.  Default = pass all, Logging = enabled





Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040315084726.3070B43D46>