From owner-freebsd-ipfw@FreeBSD.ORG Fri Mar 14 14:20:09 2008 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 42CA61065674 for ; Fri, 14 Mar 2008 14:20:09 +0000 (UTC) (envelope-from darcy@dbitech.ca) Received: from lists.commandprompt.com (host-159.commandprompt.net [207.173.203.159]) by mx1.freebsd.org (Postfix) with ESMTP id 2D6338FC16 for ; Fri, 14 Mar 2008 14:20:09 +0000 (UTC) (envelope-from darcy@dbitech.ca) Received: from dbitech.homenet.dbitech.bc.ca (d205-250-11-93.bchsia.telus.net [205.250.11.93]) (authenticated bits=0) by lists.commandprompt.com (8.13.8/8.13.8) with ESMTP id m2EDUIKZ005754 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 14 Mar 2008 06:30:19 -0700 From: Darcy Buskermolen Organization: DBI Technologies To: freebsd-ipfw@freebsd.org Date: Fri, 14 Mar 2008 06:28:55 -0700 User-Agent: KMail/1.9.7 References: <1205343184.4032.44.camel@wade-linux.itiva.com> <1205442400.4349.18.camel@wade-linux.itiva.com> <200803140447.18646.asstec@matik.com.br> In-Reply-To: <200803140447.18646.asstec@matik.com.br> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200803140628.55989.darcy@dbitech.ca> X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.0 (lists.commandprompt.com [207.173.203.159]); Fri, 14 Mar 2008 06:30:19 -0700 (PDT) Subject: Re: On the trail of a dummynet/bridge/ipfw bug. X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 14 Mar 2008 14:20:09 -0000 On Friday 14 March 2008 00:47:18 AT Matik wrote: > On Thursday 13 March 2008 18:06:40 Wade Klaver wrote: > > OK, here's something weird then. ipfw pipe show | wc -l has reported > > higher numbers: > > [root@ibm3550b ~]# ipfw pipe show | wc -l > > 3453 > > This was reported after the bridge "died" attempting 2600 simultaneous > > connections... it had been running at 2400 before I added 200 more. > > Now, immediately after the above crash, I do a /etc/rc.d/netif restart, > > and then: > > [root@ibm3550b ~]# ipfw pipe show | wc -l > > 3900 > > Then as long as I add additional connections very slowly, I can manage > > to get more established until it dies at 2800 with: > > [root@ibm3550b ~]# ipfw pipe show | wc -l > > 4160 > > At this point I am only using these numbers as a general indication of > > pipe activity as the output is not 1 pipe per line. In fact there is > > more often than not two lines per pipe. However, the end problem > > remains the same. After a point, the bridge doesn't get saturated, it > > crashes and requires that the network be restarted before continuing. > > The fact that it is necessary only to restart the network and not to > > flush ipfw's pipes (which has no effect without a network restart) > > perhaps suggests the problem lies in a different subsystem? The > > broadcom driver perhaps? Wade, are you in a position to try this with a pair of intel gigE cards, using the em driver? That should at least answer if it's a bce issue. > > hard to say because you do not tell so very much about your machine, it > might be too weak for so many pipes (mem or cpu?), The original post had the system configuration in terms of system, CPU and memory. > I do not know your setup > or the nics you use > you say it crash but can restart the network? probably you have some error > in your script or since you run bridge some mac issue?