From owner-freebsd-pf@FreeBSD.ORG Thu Sep 16 03:53:32 2004 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 674) id CF0A716A4CF; Thu, 16 Sep 2004 03:53:32 +0000 (GMT) Delivered-To: mlaier@vampire.homelinux.org Received: (qmail 9094 invoked by uid 1005); 2 Oct 2003 22:21:28 -0000 Delivered-To: max@vampire.homelinux.org Received: (qmail 9091 invoked from network); 2 Oct 2003 22:21:28 -0000 Received: from moutng.kundenserver.de (212.227.126.187) by pd9e3900c.dip.t-dialin.net with SMTP; 2 Oct 2003 22:21:28 -0000 Received: from [212.227.126.163] (helo=mxng10.kundenserver.de) by moutng.kundenserver.de with esmtp (Exim 3.35 #1) id 1A5CgQ-0003AQ-00 for max@vampire.homelinux.org; Fri, 03 Oct 2003 01:16:30 +0200 Received: from [206.53.239.180] (helo=turing.freelists.org) by mxng10.kundenserver.de with esmtp (Exim 3.35 #1) id 1A5CgK-0006EL-00 for max@love2party.net; Fri, 03 Oct 2003 01:16:24 +0200 Received: from turing (localhost [127.0.0.1])ESMTP id F261639115C; Thu, 2 Oct 2003 18:11:30 -0500 (EST) Received: with ECARTIS (v1.0.0; list pf4freebsd); Thu, 02 Oct 2003 18:11:25 -0500 (EST) X-Original-To: pf4freebsd@freelists.org Delivered-To: pf4freebsd@freelists.org Received: from smtp.netcabo.pt (smtp.netcabo.pt [212.113.174.9]) ESMTP id 580993906B6 for ; Thu, 2 Oct 2003 18:11:24 -0500 (EST) Received: from dequim.ist.utl.pt ([213.22.171.17]) by smtp.netcabo.pt with Microsoft SMTPSVC(5.0.2195.6713); Fri, 3 Oct 2003 00:11:20 +0100 Message-ID: <3F7CB204.9030506@dequim.ist.utl.pt> From: Bruno Afonso User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.5b) Gecko/20030901 Thunderbird/0.2 X-Accept-Language: en-us, en MIME-Version: 1.0 To: pf4freebsd@freelists.org References: <1065107810.3f7c4162b252a@mrna.ist.utl.pt> <19920876018.20031002175427@love2party.net> In-Reply-To: <19920876018.20031002175427@love2party.net> Content-type: text/plain; charset=us-ascii X-OriginalArrivalTime: 02 Oct 2003 23:11:20.0982 (UTC) FILETIME=[7DE5B360:01C3893A] X-archive-position: 182 X-ecartis-version: Ecartis v1.0.0 Sender: pf4freebsd-bounce@freelists.org Errors-To: pf4freebsd-bounce@freelists.org X-original-sender: brunomiguel@dequim.ist.utl.pt Precedence: normal X-list: pf4freebsd Content-Transfer-Encoding: quoted-printable X-UID: 297 X-Length: 5415 X-Mailman-Approved-At: Thu, 16 Sep 2004 03:55:52 +0000 Subject: [pf4freebsd] Re: pf errors meaning X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.1 Reply-To: pf4freebsd@freelists.org List-Id: Technical discussion and general questions about packet filter (pf) List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Date: Thu, 16 Sep 2004 03:53:32 -0000 X-Original-Date: Fri, 03 Oct 2003 00:17:24 +0100 X-List-Received-Date: Thu, 16 Sep 2004 03:53:32 -0000 Hey Max, > Well ... what do you mean by "due to dnscache"? Any traces, dumps or > anything that might help to really debug? I couldn't think right since my "boss" was yelling at me. Here's the=20 only thing I have: db> show map Task map 0xc01c3745: pmap=3D0x82444c7, nentries=3D-1324417024, version=3D= 203703495 map entry 0xc0850000: start=3D0, end=3D0 prot=3D0/0/share, object=3D0, offset=3D0x0 Fatal trap 12: page fault while in kernel mode fault virtual address =3D 0x14 fault code =3D supervisor read, page not present instruction pointer =3D 0x8:0xc031d976 stack pointer =3D 0x10:0xdfbaaa44 frame pointer =3D 0x10:0xdfbaaa64 code segment =3D base 0x0, limit 0xfffff, type 0x1b =3D DPL 0, pres 1, def32 1, gran 1 processor eflags =3D resume, IOPL =3D 0 current process =3D 591 (dnscache) kernel: type 12 trap, code=3D0 Stopped at _fget+0x15: movl $0,0(%edx) Stupid me forgot to do a trace.... > BA> I must say that the machine has been routing ~1megbyte/sec for 24h+= . Can this > BA> be too much of a stress ? :> >=20 > Should not ... obviously. We're at about 10% max... > These are strange (and should not exist). First of all such should only > show up when you remove the pf module and even then, they should not. > The meaning of it, is that some tables could not be freed as expected. > In the long run that's bad. Check the output of "vmstat -z | grep ^pf" I'm dumping now every 10min vmstat -z |grep ^pf into a file. > BA> thoughts? >=20 > Hmmm ... for some reason your seem to remove/stop pf right after (23sec= ) > you loaded/started it. That might come from old pf.sh scripts lurking > around in /usr/local/etc/rc.d from a previous ports installation. Pleas= e > check kdlstat output once the box booted to make sure that you really > have pf in place. Additionally you'd make sure that you only have the > up2date modules and not old ones in /usr/local/modules from a previous > port installation. I had only .sh start script. the others were .sh~ and .sh.d, which=20 shouldn't run at all. Anyway, I've removed them. No pf modules in local/modules :> The box boots ok, as I have just rebooted it. It started fine, pf et al. > If you keep getting panics it'd be quite interesting to see at least a > trace of those. Without it, it's impossible to tell what's the reason > for it. I know. I posted hoping for some feedback... apparently, it's not pf=20 related as no one else seems to be having problems. I had to disable now=20 the break into ddb as I can't afford the box down for a couple hours :-( Unfortunately, someone pressed the restart button before I could get to=20 ddb via serial console... Bruno, hoping in case any other panic occurs, the machine can restart=20 doing its business... :>