Date: Tue, 28 Feb 2012 16:38:43 +0700 From: "~Lst" <slackbie@gmail.com> To: stable@freebsd.org Cc: current@freebsd.org Subject: Re: [CFT] modular kernel config Message-ID: <CAJMUr60JH7Xv13SyJ5D8C63Dj4CPnsrJU3htYEdRaoU7i4oG4A@mail.gmail.com> In-Reply-To: <4F4C3FE7.3040802@FreeBSD.org> References: <20120221143537.Horde.deyFDZjmRSRPQ52pxBIpnLA@webmail.leidinger.net> <BA7FFA2D-DEE6-4FB7-AE26-0BC79CBFD8C0@lists.zabbadoz.net> <4F4BA707.5070608@wasikowski.net> <4F4C3FE7.3040802@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
2012/2/28 Steve Wills <swills@freebsd.org>: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On 02/27/12 10:53, =C5=81ukasz W=C4=85sikowski wrote: >> W dniu 2012-02-22 23:31, Bjoern A. Zeeb pisze: >> >>> You cannot ship that on by default for non-tecnical reasons in a >>> kernel. =C2=A0Please do not commit a kernel config that can be booted >>> (no LINT cannot be booted) with these on without consulting >>> appropriate hats upfront. >>> >>> >>>> - ALTQ - SW_WATCHDOG - QUOTA - IPSTEALTH (disabled in >>>> loader.conf) - IPFIREWALL_FORWARD (touches every packet, power >>>> users which need a bigger PPS but not this feature can >>>> recompile the kernel, discussed with julian@) - FLOWTABLE >>>> (disabled in loader.conf) >>> Which is not the same as it's not 100% disabled and will still >>> allocate memory. >> >> FLOWTABLE on 8.x crashed BGP routers (kern/144917). I don't know if >> it is fixed by now, but this kind of potential problematic features >> should not be enabled by default. >> > > Agree, I've run into problems with FLOWTABLE (with just the features > that were enabled by default in 8.0) when routers changed MAC > addresses. As far as I understand it, FLOWTABLE is both broken and > abandoned (but if I'm wrong, please let me know). > > So, IMHO, not only should it not be enabled by default, but given that > it was disabled complete in 8.x after 8.0 (too lazy to look at exactly > when right now), I think it shouldn't even be included, since that > might encourage users to try it out only to encounter problems with it. > > Steve > Definitely yes, I'd some problems too with FLOWTABLE running for router. So I have to disabled in kernel and sysctl. Rgds, -- Lasta Yani
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAJMUr60JH7Xv13SyJ5D8C63Dj4CPnsrJU3htYEdRaoU7i4oG4A>