Date: Sun, 13 Aug 2023 08:54:15 +0000 From: bugzilla-noreply@freebsd.org To: ipfw@FreeBSD.org Subject: [Bug 132774] [ipfw] IPFW with uid/gid/jail rules may lead to lockup Message-ID: <bug-132774-8303-Ske9wymI6F@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-132774-8303@https.bugs.freebsd.org/bugzilla/> References: <bug-132774-8303@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D132774 --- Comment #4 from Stefan Rink <stefanrink@yahoo.com> --- Small update; Not 100% sure if I'm hitting this one because it just freezes and I can't s= eem to get into the debugger when it happens but I noticed it didn't freeze for= a week when I forgot to load IPFW on the machine and shortly after I loaded I= PFW and restarted a jail the node froze within a couple of hours. The console usually complains about one of the bge interfaces of the lacp flapping when= it freezes. This same hardware was running 13.1 without a single crash for more then a = year and there is still another node with the same hardware and configuration running on 13.1. Currently testing with IPFW but without any rules that contain jail ids and= in the meanwhile moving more stuff to the node in the hope it will crash faste= r. Network config of the physical nodes; [bge0 + bge4] -> lagg -> vlan -> jails while CBSD was the one creating count rules that contain jail id's when IPFW was loaded.=20 ps. We also have nodes running FreeBSD 13.2 without any issues but they have different 'hardware' because they are virtual but do have IPFW and the 'cou= nt' rules per jail. - Created a new kernel with debugging and witness enabled but waiting until= it freezes again first. --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-132774-8303-Ske9wymI6F>