Date: Tue, 16 Aug 2011 17:14:59 -0700 From: =?iso-8859-1?Q?Ask_Bj=F8rn_Hansen?= <ask@develooper.com> To: Mike Tancsa <mike@sentex.net> Cc: embedded@freebsd.org, net@freebsd.org Subject: Re: system locks up with vr driver on alix board Message-ID: <9255C71C-BB78-417E-A900-85140FC2050C@develooper.com> In-Reply-To: <4E4AB3BE.4090603@sentex.net> References: <D8B41107-90ED-4357-A7DA-4FF987C70567@develooper.com> <4E4AB3BE.4090603@sentex.net>
next in thread | previous in thread | raw e-mail | index | archive | help
--Apple-Mail=_03AF8E95-0643-40C5-9041-A4F3FC5C62D2 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=iso-8859-1 On Aug 16, 2011, at 11:15, Mike Tancsa wrote: >> An hour or two after the log stopped showing; the system stopped = routing packets, but frustratingly kept sending CARP messages out so the = secondary firewall didn't pick up the IP addresses to take over. >>=20 >> Any ideas? >=20 > Not sure if CARP has something to do with it as I have quite a few > RELENG_8 boxes out there running on Alix boxes (2 and 3 port as well = as > Soekris 5501s). Yeah, there must be thousands! > But I think the 7.4 and 8.2 drivers for vr are essentially the same. = That being said, there are some updates in RELENG_8 to the driver. Not = sure if that makes any difference to your issue. >=20 > http://svnweb.freebsd.org/base?view=3Drevision&revision=3D223681 Yeah - none of that looks relevant. Indeed I'm not even sure that it = has anything to do with the vr driver -- that's just the only potential = symptom that I could find. I've stripped down those boxes so they = really don't do anything more than routing (from vr interfaces) and = firewall (with pf). The only daemons running (other than getty and = sshd) are ntpd and radvd. One of them just imploded in this way again (and it's a new board, so = I'm pretty sure it's not a hardware problem). I now disabled OpenVPN = (it was idle already), an unnecessary VLAN and made the configuration as = simple as it can be and still work -- I am including it in full (with = un-obfuscated IP addresses to make sure I don't hide any potential = problem). Some years ago I recall trouble running carp on vlan interfaces. Is it = possible that's back in some way? - ask --=20 http://develooper.com/ - http://askask.com/ sshd_enable=3D"YES" ntpd_enable=3D"YES" ntpd_flags=3D"-p /var/run/ntpd.pid -f /etc/ntp/ntpd.drift -g" hostname=3D"gw-b.dev" ipv6_enable=3D"YES" radvd_enable=3D"YES" ifconfig_vr0=3D"inet 207.171.2.196/29" ipv6_ifconfig_vr0=3D"2607:F238:0:11::4/125" ifconfig_vr1=3D"inet 207.171.7.3/24" ipv6_ifconfig_vr1=3D"2607:f238:3::3/64" ifconfig_vr2=3D"up" ifconfig_lo0_alias1=3D"inet 127.0.0.3" ifconfig_vlan1=3D"inet 10.77.73.2/29 vlan 103 vlandev vr2" ifconfig_vlan2=3D"inet 10.0.100.3/24 vlan 102 vlandev vr2" ifconfig_carp0=3D"vhid 110 advskew 120 pass aherjkhfare = 207.171.2.194/29" ifconfig_carp1=3D"vhid 111 advskew 120 pass j798gyuhjks 207.171.7.1/24" ifconfig_carp2=3D"vhid 112 advskew 120 pass 5783jkdfssd 10.0.100.1/24" ifconfig_carp4=3D"vhid 114 advskew 120 pass ketrjhstres 10.0.100.254/24" ipv6_ifconfig_carp0=3D"2607:F238:0:11::2/125" ipv6_ifconfig_carp1=3D"2607:F238:3::1/64" defaultrouter=3D"207.171.2.193" ipv6_defaultrouter=3D"2607:F238:0:11::1" pfsync_enable=3D"YES" pfsync_syncdev=3D"vlan1" cloned_interfaces=3D"vlan1 vlan2 vlan3 carp0 carp1 carp2 carp3 carp4 = carp60 carp61 carp63" gateway_enable=3D"YES" ipv6_gateway_enable=3D"YES" pf_enable=3D"YES" pflog_enable=3D"NO" --Apple-Mail=_03AF8E95-0643-40C5-9041-A4F3FC5C62D2--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?9255C71C-BB78-417E-A900-85140FC2050C>