Date: Sun, 25 Jul 1999 01:21:32 -0400 From: Carroll Kong <damascus@eden.rutgers.edu> To: freebsd-stable@FreeBSD.ORG Subject: NATD 3.2-Release Issues? Message-ID: <4.2.0.58.19990725010824.01312ce0@email.eden.rutgers.edu>
next in thread | raw e-mail | index | archive | help
Hi guys. I have been using 3.2-Release for quite some time now as a natd. Normally I have no problems with this setup at all. However, I just realized, after perusing my logs, I have been getting this error. Jul 18 17:58:41 daemon natd[107]: failed to write packet back (Host is down) Jul 18 17:58:41 daemon natd[107]: failed to write packet back (No route to host) Jul 18 17:58:45 daemon natd[107]: failed to write packet back (No route to host) (I only greped for natd in this case, it naturally has the 'last message repeated' for quite some time in between logs) Normally I get this error when my 'cable' modem goes down, so it makes sense that there is no route to host. However, as I checked the more recent logs. Jul 25 00:06:07 daemon natd[107]: failed to write packet back (Host is down) Jul 25 00:06:12 daemon last message repeated 3 times Jul 25 00:45:30 daemon natd[107]: failed to write packet back (Host is down) Jul 25 00:51:54 daemon last message repeated 18 times Now, this error is a bit different. There is no '(No route to host)' error this time. And, I get this error yet the cable modem interface did NOT go down. I do not think I changed anything significant, however, I did add these kernel options around the '5th of june'. pseudo-device bpfilter 4 #Berkeley packet filter #NATD options IPFIREWALL options IPDIVERT #DUMMYNET options IPFIREWALL_VERBOSE options IPFIREWALL_VERBOSE_LIMIT=10 options DUMMYNET options NMBCLUSTERS=1024 #SOFTUPDATES options SOFTUPDATES #NCFTPD SHARED MEM #options SHMMAXPGS=1024 #SHARED MEM OPTIONS FROM LINT options SHMALL=1025 options "SHMMAX=(SHMMAXPGS*PAGE_SIZE+1)" options SHMMAXPGS=1025 options SHMMIN=2 options SHMMNI=33 options SHMSEG=9 Ok. Now, I do use dummynet, however, using ipfw show, there was no usage on that particular "pipe". The machine has maxusers set to 128, and is a k6-200 with 32 megs of ram, using Dec PCI nics (two of them), on an asus97-XE, TX Chipset. I really think the issue is software based over hardware since previous logs did not have such a "large" amount of this natd failure to write back. (previous to the 5th of july which was the last time I modified my new kernel file). I also run these services on top of the standard ones, like apache13+php3 with ssl, and I added my own loadable module, mod_fastcgi, mysqld, postgresql, ncftpd, socks5, sshd, with the default tcp wrapper, telnetd, and ftpd. (Hm. I could eliminate running mysqld, even I only have 32 megs of ram, my machine 'does' seem ok with the 'load', Kudos to FreeBSD power!). Now, I highly doubt if I just remake world it will 'fix' anything, however, I am ready to remake world since I am using 3.2-RELEASE. However, I was not aware of any significant fixes done to natd code during this time. (sorry if I missed it, by the way, is there a direct listing of fixes that grows as we progress through stable? I know it is cumbersome though, and we must as well just add the list in each release, but just curious for convenience sake). Ok. So, are any of my options somewhat "limiting" and causing a pipe to be full or something odd like that? Or is this a known problem and I should consider getting my machine 'synched' with 3.2-STABLE? It has to be my kernel setup or a 'bug' that has been squashed some how, right? On the side, could it be my bpf filter is not high enough? I do use dhcpd, but I only host maybe 3 clients. (they are not always even on all the time). Thanks in advance, I am sure we can find a solution for this problem. -Carroll Kong To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4.2.0.58.19990725010824.01312ce0>