From owner-svn-src-all@FreeBSD.ORG Fri Oct 2 10:38:27 2009 Return-Path: Delivered-To: svn-src-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 286891065672; Fri, 2 Oct 2009 10:38:27 +0000 (UTC) (envelope-from simon@benji.nitro.dk) Received: from mx.nitro.dk (zarniwoop.nitro.dk [83.92.207.38]) by mx1.freebsd.org (Postfix) with ESMTP id D8F158FC17; Fri, 2 Oct 2009 10:38:26 +0000 (UTC) Received: from benji.nitro.dk (unknown [192.168.3.39]) by mx.nitro.dk (Postfix) with ESMTP id 3EBCC2D48B8; Fri, 2 Oct 2009 10:38:25 +0000 (UTC) Received: by benji.nitro.dk (Postfix, from userid 2000) id 12BF810A63; Fri, 2 Oct 2009 12:38:25 +0200 (CEST) Date: Fri, 2 Oct 2009 12:38:24 +0200 From: "Simon L. Nielsen" To: Tom Judge Message-ID: <20091002103824.GA1653@zaphod.nitro.dk> References: <200910012032.n91KWTOa064111@svn.freebsd.org> <4AC59C42.1030903@tomjudge.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <4AC59C42.1030903@tomjudge.com> User-Agent: Mutt/1.5.20 (2009-06-14) Cc: svn-src-head@freebsd.org, Qing Li , svn-src-all@freebsd.org, src-committers@freebsd.org Subject: Re: svn commit: r197687 - head/sys/net X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 02 Oct 2009 10:38:27 -0000 On 2009.10.02 06:22:58 +0000, Tom Judge wrote: > Qing Li wrote: > > Author: qingli > > Date: Thu Oct 1 20:32:29 2009 > > New Revision: 197687 > > URL: http://svn.freebsd.org/changeset/base/197687 > > > > Log: > > The flow-table associates TCP/UDP flows and IP destinations with > > specific routes. When the routing table changes, for example, > > when a new route with a more specific prefix is inserted into the > > routing table, the flow-table is not updated to reflect that change. > > As such existing connections cannot take advantage of the new path. > > In some cases the path is broken. This patch will update the affected > > flow-table entries when a more specific route is added. The route > > entry is properly marked when a route is deleted from the table. > > In this case, when the flow-table performs a search, the stale > > entry is updated automatically. Therefore this patch is not > > necessary for route deletion. > > Hi, > > Will this fix the issue that I see visualising its self as packet loss > over a VPN tunnel? > > The tunnel is an openvpn (tun mode) tunnel providing a route to > 192.168.201.0/24 however when I ping an address in this network with > flowtable enabled I see 2-3 out of every 5-6 packets end up being sent > out of bge0 (IP 172.17.XX.XX/23 GW 172.17.XX.1) to the default gateway > (which responds with destination host unreachable) rather than down tun0. This sounds very similar to the problem I was seeing (also with OpenVPN), which was fixed by qingli's patch. The packet is most likely actually not lost, but routed to your default gateway instead (or whatever it would be sent before the VPN was created). -- Simon L. Nielsen