Date: Tue, 28 Feb 2012 16:37:40 +0100 From: Alexander Leidinger <Alexander@Leidinger.net> To: ~Lst <slackbie@gmail.com> Cc: stable@freebsd.org, current@freebsd.org Subject: Re: [CFT] modular kernel config Message-ID: <20120228163740.Horde.-AvCD5jmRSRPTPTEkzY476A@webmail.leidinger.net> In-Reply-To: <CAJMUr60JH7Xv13SyJ5D8C63Dj4CPnsrJU3htYEdRaoU7i4oG4A@mail.gmail.com> References: <20120221143537.Horde.deyFDZjmRSRPQ52pxBIpnLA@webmail.leidinger.net> <BA7FFA2D-DEE6-4FB7-AE26-0BC79CBFD8C0@lists.zabbadoz.net> <4F4BA707.5070608@wasikowski.net> <4F4C3FE7.3040802@FreeBSD.org> <CAJMUr60JH7Xv13SyJ5D8C63Dj4CPnsrJU3htYEdRaoU7i4oG4A@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Quoting ~Lst <slackbie@gmail.com> (from Tue, 28 Feb 2012 16:38:43 +0700): > 2012/2/28 Steve Wills <swills@freebsd.org>: >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> On 02/27/12 10:53, =C5=81ukasz W=C4=85sikowski wrote: >>> W dniu 2012-02-22 23:31, Bjoern A. Zeeb pisze: >>> >>>> You cannot ship that on by default for non-tecnical reasons in a >>>> kernel. =C2=A0Please do not commit a kernel config that can be booted >>>> (no LINT cannot be booted) with these on without consulting >>>> appropriate hats upfront. >>>> >>>> >>>>> - ALTQ - SW_WATCHDOG - QUOTA - IPSTEALTH (disabled in >>>>> loader.conf) - IPFIREWALL_FORWARD (touches every packet, power >>>>> users which need a bigger PPS but not this feature can >>>>> recompile the kernel, discussed with julian@) - FLOWTABLE >>>>> (disabled in loader.conf) >>>> Which is not the same as it's not 100% disabled and will still >>>> allocate memory. >>> >>> FLOWTABLE on 8.x crashed BGP routers (kern/144917). I don't know if >>> it is fixed by now, but this kind of potential problematic features >>> should not be enabled by default. >>> >> >> Agree, I've run into problems with FLOWTABLE (with just the features >> that were enabled by default in 8.0) when routers changed MAC >> addresses. As far as I understand it, FLOWTABLE is both broken and >> abandoned (but if I'm wrong, please let me know). >> >> So, IMHO, not only should it not be enabled by default, but given that >> it was disabled complete in 8.x after 8.0 (too lazy to look at exactly >> when right now), I think it shouldn't even be included, since that >> might encourage users to try it out only to encounter problems with it. >> >> Steve >> > > Definitely yes, I'd some problems too with FLOWTABLE running for router. > So I have to disabled in kernel and sysctl. To make sure I understand you correctly: Did you disabled it with the sysctl/loader-tunable and everything was OK again, or did you had to remove it from the kernel config (disabling via sysctl was not enough) to resolve the issue? I have one report where a person has issue with FLOWTABLE, but disabling it via the sysctl/loader-tunable was enough to address his concerns. Bye, Alexander. -- The light at the end of the tunnel is the headlamp of an oncoming train. http://www.Leidinger.net Alexander @ Leidinger.net: PGP ID =3D B0063FE7 http://www.FreeBSD.org netchild @ FreeBSD.org : PGP ID =3D 72077137
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20120228163740.Horde.-AvCD5jmRSRPTPTEkzY476A>