From owner-freebsd-net@FreeBSD.ORG Sat Mar 29 14:02:43 2014 Return-Path: Delivered-To: freebsd-net@FreeBSD.ORG Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 4A16A918; Sat, 29 Mar 2014 14:02:43 +0000 (UTC) Received: from cpsmtpb-ews03.kpnxchange.com (cpsmtpb-ews03.kpnxchange.com [213.75.39.6]) by mx1.freebsd.org (Postfix) with ESMTP id B19953B7; Sat, 29 Mar 2014 14:02:42 +0000 (UTC) Received: from cpsps-ews27.kpnxchange.com ([10.94.84.193]) by cpsmtpb-ews03.kpnxchange.com with Microsoft SMTPSVC(7.5.7601.17514); Sat, 29 Mar 2014 15:02:32 +0100 Received: from CPSMTPM-CMT108.kpnxchange.com ([195.121.3.24]) by cpsps-ews27.kpnxchange.com with Microsoft SMTPSVC(7.5.7601.17514); Sat, 29 Mar 2014 15:02:32 +0100 Received: from donald.offrom.nl ([77.170.60.162]) by CPSMTPM-CMT108.kpnxchange.com with Microsoft SMTPSVC(7.0.6002.18264); Sat, 29 Mar 2014 15:02:30 +0100 Received: from squid (squid.offrom.nl [192.168.0.72]) by donald.offrom.nl (8.14.7/8.14.7) with ESMTP id s2TE2T8C009227; Sat, 29 Mar 2014 15:02:29 +0100 (CET) (envelope-from willy@vpn.offrom.nl) Received: from willy by squid with local (Exim 4.72) (envelope-from ) id 1WTtq9-0005go-Pj; Sat, 29 Mar 2014 15:02:29 +0100 Date: Sat, 29 Mar 2014 15:02:29 +0100 From: Willy Offermans To: Willy Offermans Subject: Re: TCP packets remain unsent Message-ID: <20140329140229.GE3528@vpn.offrom.nl> References: <20140328162554.GA26748@vpn.offrom.nl> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20140328162554.GA26748@vpn.offrom.nl> User-Agent: Mutt/1.5.20 (2009-06-14) X-OriginalArrivalTime: 29 Mar 2014 14:02:30.0639 (UTC) FILETIME=[866A5FF0:01CF4B57] X-RcptDomain: FreeBSD.ORG Cc: freebsd-net@FreeBSD.ORG, freebsd-stable@FreeBSD.ORG X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list Reply-To: Willy@Offermans.Rompen.nl List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 29 Mar 2014 14:02:43 -0000 Dear FreeBSD friends, On Fri, Mar 28, 2014 at 05:25:54PM +0100, Willy Offermans wrote: > Dear FreeBSD friends, > > I have a problem with my relatively new FreeBSD server. I came across the > problem when sending e-mails of larger size and copying files with scp. > The e-mails were not sent out because of time-out error and the copying was > extremely slow, though successful after a while. I already started a thread > on this topic on freebsd-current. See > http://docs.freebsd.org/mail/current/freebsd-current.html, topic > sendmail Broken Pipe Error. I got some help to narrow down the > error: Sending out e-mails of larger size stops at some point. TCP packets > were not transferred to the smarthost causing a timeout error. There were > still some TCP packets waiting to be sent. > > My system is a HP ProLiant Gen8 MicroServer with FreeBSD 10.0-STABLE #0 > r261266M. The server has two network cards: > > bge0@pci0:3:0:0: class=0x020000 card=0x2133103c chip=0x165f14e4 rev=0x00 hdr=0x00 > vendor = 'Broadcom Corporation' > device = 'NetXtreme BCM5720 Gigabit Ethernet PCIe' > class = network > subclass = ethernet > bge1@pci0:3:0:1: class=0x020000 card=0x2133103c chip=0x165f14e4 rev=0x00 hdr=0x00 > vendor = 'Broadcom Corporation' > device = 'NetXtreme BCM5720 Gigabit Ethernet PCIe' > class = network > subclass = ethernet > > I do not know if there any known issues with these cards (drivers). > > Before the time out error occurs, the CPU loading of natd and dhcpd is > steadily increasing to extreme values to my opinion: > > PID USERNAME THR PRI NICE SIZE RES STATE C TIME WCPU COMMAND > > 1235 root 1 93 0 28908K 2144K RUN 0 54:05 71.78% natd > 1614 dhcpd 1 4 0 26784K 14936K RUN 0 29:24 38.77% dhcpd > > I followed an advice of another FreeBSD friend to modify tcp_input.c > > > ... > You may want to locally apply SVN r258821 to sys/netinet/tcp_input.c, > in case it has not been merged back to the FreeBSD version you use: > > --- sys/netinet/tcp_input.c (revision 258820) > +++ sys/netinet/tcp_input.c (revision 258821) > @@ -2429,13 +2429,15 @@ > hhook_run_tcp_est_in(tp, th, &to); > > if (SEQ_LEQ(th->th_ack, tp->snd_una)) { > - if (tlen == 0 && tiwin == tp->snd_wnd) { > + if (tlen == 0 && tiwin == tp->snd_wnd && > + !(thflags & TH_FIN)) { > TCPSTAT_INC(tcps_rcvdupack); > /* > * If we have outstanding data (other than > * a window probe), this is a completely > * duplicate ack (ie, window info didn't > - * change), the ack is the biggest we've > + * change and FIN isn't set), > + * the ack is the biggest we've > * seen and we've seen exactly our rexmt > * threshhold of them, assume a packet > * has been dropped and retransmit it. > > ... > > > However this did not solve the issue. > > So my question to you is if someone else encountered a similar problem with > NetXtreme BCM5720 Gigabit Ethernet PCIe and if someone is able to take this > up and to help me to solve this issue. I would love to run this FreeBSD > server as a swiss clock as other beastie servers, I have setup in the past. > > -- I could narrow down the cause of the error: If I remove the following line from my firewall rules, I could sent out e-mails without issues. /sbin/ipfw add 50 divert natd all from any to any via bge0 I do not know yet how things are related, but I will dig into it. If someone has a hint, please respond to the list. -- Met vriendelijke groeten, With kind regards, Mit freundlichen Gruessen, De jrus wah, Wiel ************************************* W.K. Offermans e-mail: Willy@Offermans.Rompen.nl Powered by .... (__) \\\'',) \/ \ ^ .\._/_) www.FreeBSD.org