From owner-freebsd-pf@FreeBSD.ORG  Sun Sep  9 17:50:43 2012
Return-Path: <owner-freebsd-pf@FreeBSD.ORG>
Delivered-To: pf@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id D31A0106564A
	for <pf@freebsd.org>; Sun,  9 Sep 2012 17:50:43 +0000 (UTC)
	(envelope-from ianf@clue.co.za)
Received: from zcs04.jnb1.cloudseed.co.za (zcs04.jnb1.cloudseed.co.za
	[41.154.0.161]) by mx1.freebsd.org (Postfix) with ESMTP id 5CFDA8FC15
	for <pf@freebsd.org>; Sun,  9 Sep 2012 17:50:42 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
	by zcs04.jnb1.cloudseed.co.za (Postfix) with ESMTP id 01ADC2A82A86;
	Sun,  9 Sep 2012 19:50:34 +0200 (SAST)
X-Virus-Scanned: amavisd-new at zcs04.jnb1.cloudseed.co.za
Received: from zcs04.jnb1.cloudseed.co.za ([127.0.0.1])
	by localhost (zcs04.jnb1.cloudseed.co.za [127.0.0.1]) (amavisd-new,
	port 10024)
	with ESMTP id oXWplti5ib8u; Sun,  9 Sep 2012 19:50:32 +0200 (SAST)
Received: from clue.co.za (unknown [41.154.88.19])
	by zcs04.jnb1.cloudseed.co.za (Postfix) with ESMTPSA id 3CB242A829F8;
	Sun,  9 Sep 2012 19:50:32 +0200 (SAST)
Received: from localhost ([127.0.0.1] helo=clue.co.za)
	by clue.co.za with esmtp (Exim 4.80 (FreeBSD))
	(envelope-from <ianf@clue.co.za>)
	id 1TAleN-0001k7-W3; Sun, 09 Sep 2012 19:50:28 +0200
To: "Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net>
From: Ian FREISLICH <ianf@clue.co.za>
In-Reply-To: <alpine.BSF.2.00.1209091714050.13080@ai.fobar.qr>
References: <alpine.BSF.2.00.1209091714050.13080@ai.fobar.qr>
	<CAPBZQG1iQ31bxMkKOKUUFpfOt15YMxgx1hmnj3HsQSj++GJYqw@mail.gmail.com>
	<20120905115140.GF15915@FreeBSD.org> <50476187.8000303@gibfest.dk>
	<20120905183607.GI15915@glebius.int.ru>
	<CAPBZQG0a4WVB4W4OwF3CAJH-G4DTDan-Nz1HR1SFAgFOfe+a=Q@mail.gmail.com>
	<20120906064640.GL15915@glebius.int.ru>
	<E1T9upR-0000bK-SI@clue.co.za> 
X-Attribution: BOFH
Date: Sun, 09 Sep 2012 19:50:27 +0200
Message-Id: <E1TAleN-0001k7-W3@clue.co.za>
Cc: pf@freebsd.org
Subject: Re: pf spurious packet drops [was: [HEADS UP] merging projects/pf
	into head]
X-BeenThere: freebsd-pf@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Technical discussion and general questions about packet filter
	\(pf\)" <freebsd-pf.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-pf>
List-Post: <mailto:freebsd-pf@freebsd.org>
List-Help: <mailto:freebsd-pf-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 09 Sep 2012 17:50:43 -0000

"Bjoern A. Zeeb" wrote:
> On Fri, 7 Sep 2012, Ian FREISLICH wrote:
> 
> > I don't think Gleb is is being personal about this.  Facts are
> > facts and pf is currently unusable for me, even at home because
> > of spuriously dropped packets.
> 
> We also have a report that it leaks mbufs and eventually panics after
> a few months.  Would be interesting to know if these things were
> related.

We've not had any panics, but we have had wierd stops forwarding
that started recently (on 8.1) which seemed to be triggered by the
BPF, but it could be related in some way.  The odd thing is that
this system has run the same code for 13 months.  And the 29 day
stops only started recently.

Ermal has asked for some more detailed debugging, but that's really
really hard to get because the system involved handles so much
traffic and the state table is so big, it's a needle in a continent
of haystacks.

Anyway, we're going to be migrating this system to Gleb's code early
this week and take it from there.

Ian

-- 
Ian Freislich