Date: Sat, 20 Mar 2010 23:06:35 GMT From: Doychin Dokov <root@net1.cc> To: freebsd-gnats-submit@FreeBSD.org Subject: kern/144917: Flowtable crashes system Message-ID: <201003202306.o2KN6Z55038744@www.freebsd.org> Resent-Message-ID: <201003202310.o2KNA2M6080858@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 144917 >Category: kern >Synopsis: Flowtable crashes system >Confidential: no >Severity: serious >Priority: low >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Sat Mar 20 23:10:02 UTC 2010 >Closed-Date: >Last-Modified: >Originator: Doychin Dokov >Release: 8.0-RELEASE-p2 >Organization: Data Syst Ltd. >Environment: FreeBSD wilma.net1.cc 8.0-RELEASE-p2 FreeBSD 8.0-RELEASE-p2 #0: Tue Jan 5 21:11:58 UTC 2010 root@amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC amd64 >Description: It seems like flowtable has been merged and enabled by default in 8.0.... which is a really really bad idea. On a system which handles two full BGP tables it makes one of the CPU cores run at 100% right after most of the prefixes get installed in the routing table. Performance is seriously harmed, as well is ZFS speed - it's dramatically slow (sometimes 3x-4x). The system crashes in random time - between 1 and 10 minutes right after it has booted and started installing the routes in the kernel routing table. Observations with top -PS show that a process called 'flowcontroller' is overwhelming the CPU. Adding net.inet.flowtable.enable=0 to /etc/sysctl.conf AND rebooting the system fixes the problem. Changing the sysctl after the problem has appeared does not seem to fix it - the system still crashes in a while. This is very very embarassing when upgrading from 7.x, and is also very undocumented: wilma# man flowcontroller No manual entry for flowcontroller wilma# man flowtable No manual entry for flowtable I think this feature should be disabled by default (according to what i've found about that, it helps with heavy traffic like 10G links - it's far more frequent for one to use lots of prefixes than 10G), or - at least - better documented and maybe automatically disabled by packages which deal with lots of prefixes (e.g. quagga, openbgpd, etc.) >How-To-Repeat: 1. Install 8.0-RELEASE (does not matter if you update to the latest patchlevel with freebsd-update) 2. Install quagga or openbgpd or some other routing daemon 3. Feed it with lots of routes (e.g. full internet routing table) 4. Grab a coffee 5. It'll crash until your cup is still smoking. P.S. I've only tested with FreeBSD installed on ZFS root >Fix: Add this to /etc/sysctl.conf: net.inet.flowtable.enable=0 >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201003202306.o2KN6Z55038744>