From owner-freebsd-current@FreeBSD.ORG Thu Mar 1 02:01:55 2012 Return-Path: Delivered-To: current@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id CC802106564A; Thu, 1 Mar 2012 02:01:55 +0000 (UTC) (envelope-from swills@FreeBSD.org) Received: from mouf.net (unknown [IPv6:2607:fc50:0:4400:216:3eff:fe69:33b2]) by mx1.freebsd.org (Postfix) with ESMTP id 82B0A8FC0A; Thu, 1 Mar 2012 02:01:55 +0000 (UTC) Received: from meatwad.mouf.net (cpe-024-162-230-236.nc.res.rr.com [24.162.230.236]) (authenticated bits=0) by mouf.net (8.14.4/8.14.4) with ESMTP id q2121j0s074156 (version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NOT); Wed, 29 Feb 2012 21:01:45 -0500 (EST) (envelope-from swills@FreeBSD.org) Message-ID: <4F4ED889.2070608@FreeBSD.org> Date: Wed, 29 Feb 2012 21:01:45 -0500 From: Steve Wills User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:9.0) Gecko/20111228 Thunderbird/9.0 MIME-Version: 1.0 To: "K. Macy" References: <20120221143537.Horde.deyFDZjmRSRPQ52pxBIpnLA@webmail.leidinger.net> <4F4BA707.5070608@wasikowski.net> <4F4C3FE7.3040802@FreeBSD.org> <4F4D51CB.2010508@FreeBSD.org> <4F4D5E5D.9040302@FreeBSD.org> <4F4DD288.5060106@FreeBSD.org> In-Reply-To: X-Enigmail-Version: 1.1.2 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.2.7 (mouf.net [204.109.58.86]); Wed, 29 Feb 2012 21:01:47 -0500 (EST) X-Virus-Scanned: clamav-milter 0.97.2 at mouf.net X-Virus-Status: Clean Cc: stable@FreeBSD.org, Doug Barton , current@FreeBSD.org, =?UTF-8?B?eiBXxIVzaWtvd3NraQ==?= , Arnaud Lacombe , Alexander Leidinger , "Bjoern A. Zeeb" Subject: Re: flowtable usable or not X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Mar 2012 02:01:55 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 02/29/12 13:17, K. Macy wrote: > . >> >> I tried it, on both FreeBSD routers, web systems, and database >> servers; all on 8.2+. It still causes massive instability. >> Disabling the sysctl, and/or removing it from the kernel solved >> the problems. > > Routing I can believe, but I'm wondering how close attention you > paid to the workload. There are CDN networks with high uptimes and > shipping firewall products that use flowtable, so your mention of > web systems forces makes me ask for specifics. > The failure I experienced was with web servers running 8.0 behind a F5 load balancer in an HA setup. Whenever the failover happened, the web servers would continue sending to the wrong MAC address, despite the arp table updating. Disabling flowtable via the sysctl solved the problem. Maybe Doug's failure was similar, maybe not, but I thought I'd throw my $0.02 in. Steve -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.18 (FreeBSD) iQEcBAEBAgAGBQJPTtiJAAoJEPXPYrMgexuhp8EIAKGGtZzcxgQ4zVO5SKy1jAOH DXLRLYfdm8NJB9hYEvtUa9/nltAE35zQMp7FU4AlZ2L2ol/J7W9aODiN0gw9AFEr dxBYyQliDKvVwLgah9a5PaXNM3kpx9ZvZGM3lBQGQbZaEV+ERwjBXkfIqjEB4Ei5 bBd7841jQm22s1xJOuJTdMGrpnY1DMUPdPCFOAtyQmTAhWpoELgtQBvP9kGYNKv2 3NAPnjFuooe9fdze9VSO8TWFJSb82DVbRsz6JiR0998oHXPApCh4I5y1rNcg2qA/ 1x2EdFlivXpgjC4nKUgFjhohmdGv20FrLfex4eOq6dSMF0Baje86PJcc8EZ1DK0= =NUft -----END PGP SIGNATURE-----