From owner-freebsd-net@FreeBSD.ORG  Sun Sep 26 19:50:10 2004
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 6C17216A4D0
	for <freebsd-net@freebsd.org>; Sun, 26 Sep 2004 19:50:10 +0000 (GMT)
Received: from shuttle.wide.toshiba.co.jp (shuttle.wide.toshiba.co.jp
	[202.249.10.124])
	by mx1.FreeBSD.org (Postfix) with ESMTP id D57CC43D1D
	for <freebsd-net@freebsd.org>; Sun, 26 Sep 2004 19:50:09 +0000 (GMT)
	(envelope-from jinmei@isl.rdc.toshiba.co.jp)
Received: from ocean.jinmei.org (unknown [2001:4f8:3:bb:200:39ff:fed7:e2e4])
	by shuttle.wide.toshiba.co.jp (Postfix) with ESMTP
	id F3F9715263; Mon, 27 Sep 2004 04:50:06 +0900 (JST)
Date: Mon, 27 Sep 2004 04:50:04 +0900
Message-ID: <y7vbrfs6c9f.wl@ocean.jinmei.org>
From: JINMEI Tatuya / =?ISO-2022-JP?B?GyRCP0BMQEMjOkgbKEI=?=
	<jinmei@isl.rdc.toshiba.co.jp>
To: Pekka Savola <pekkas@netcore.fi>
In-Reply-To: <Pine.LNX.4.44.0409251428430.6730-100000@netcore.fi>
References: <y7vzn3fijpb.wl@ocean.jinmei.org>
	 <Pine.LNX.4.44.0409251428430.6730-100000@netcore.fi>
User-Agent: Wanderlust/2.10.1 (Watching The Wheels) Emacs/21.3 Mule/5.0
	(SAKAKI)
Organization: Research & Development Center, Toshiba Corp., Kawasaki, Japan.
MIME-Version: 1.0 (generated by SEMI 1.14.5 - "Awara-Onsen")
Content-Type: text/plain; charset=US-ASCII
cc: freebsd-net@freebsd.org
cc: snap-users@kame.net
Subject: Re: (KAME-snap 8794) Re: Weird memory exhaustion with FreeBSD
	4.10-STABLE
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 26 Sep 2004 19:50:10 -0000

>>>>> On Sat, 25 Sep 2004 14:34:39 +0300 (EEST), 
>>>>> Pekka Savola <pekkas@netcore.fi> said:

>> >> 1. do you see massive number of entries with "netstat -rna"?
>> 
>> > Yes.
>> 
>> > # netstat -nra | wc -l
>> >    32468
>> > #
>> 
>> Okay, to be sure, most of them are IPv6 routing entries, right?

> Yes, 99.99%.

I can think of several possibilities that may cause the entries:

- when this node sends ICMPv6 error messages to those addresses, it
  can create route entries.  I suspect this is the main reason since
  in this case the destination of route entries would contain other
  types of addresses than 6to4.  You can (implicitly) check if this
  happened by looking at the result of 'netstat -s -p icmp6'
- if this node can be the originator (i.e., not a forwarder as a
  router) to those destinations, it can create host routes for the
  destinations.
- if you use some network-level hooks (e.g., packet filters) that rely
  on routing table lookups, the node may have the host routes.

Can one of those be the case in your environment?

					JINMEI, Tatuya
					Communication Platform Lab.
					Corporate R&D Center, Toshiba Corp.
					jinmei@isl.rdc.toshiba.co.jp