From owner-freebsd-net@FreeBSD.ORG Wed Aug 25 04:05:08 2010 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 5C86510656A3; Wed, 25 Aug 2010 04:05:08 +0000 (UTC) (envelope-from adrian.chadd@gmail.com) Received: from mail-iw0-f182.google.com (mail-iw0-f182.google.com [209.85.214.182]) by mx1.freebsd.org (Postfix) with ESMTP id 12B478FC16; Wed, 25 Aug 2010 04:05:07 +0000 (UTC) Received: by iwn36 with SMTP id 36so243268iwn.13 for ; Tue, 24 Aug 2010 21:05:07 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:in-reply-to :references:date:message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=z6vHYSTFnFZlf4iLhO11IeYGwmydy18ARMteM41tCWc=; b=FuBsXd2MP7OEwuv1ZfTi049sNJK/T1KNyueVmOhlCfYQWKbAt9d7drvuXHe+R+lhyk iQ6YsGvf7ybRV8F/99/O//0h5IHSYXR5GLlf+xn8AGS2yVRHNtjOzSIoIKUKah0L7gGz XmfaWY9xjoQDFCBvnENYaMrUJypy0adipkNWs= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; b=JkDDeheRBfn8BeKBKEGGTT7n5z0g5FORG4oiP5yPFgLYirfFP2efNGbgOkhKZ+RAQY vEtCjDKvwaUkFtua+2pI0H63fYRBlZl1mDfhwj9dsgV+tv31j/NFzuCaCS2vEoLL01wK YxpQlF25jKUyw0F4GdqyLvYkgu3OTtAVRqIB4= MIME-Version: 1.0 Received: by 10.231.169.149 with SMTP id z21mr9646445iby.11.1282709107393; Tue, 24 Aug 2010 21:05:07 -0700 (PDT) Received: by 10.231.168.14 with HTTP; Tue, 24 Aug 2010 21:05:07 -0700 (PDT) In-Reply-To: <4C73C25F.90903@freebsd.org> References: <20100822222746.GC6013@michelle.cdnetworks.com> <4C724AD9.5020000@freebsd.org> <4C73C25F.90903@freebsd.org> Date: Wed, 25 Aug 2010 12:05:07 +0800 Message-ID: From: Adrian Chadd To: Andre Oppermann Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Cc: pyunyh@gmail.com, freebsd-net@freebsd.org Subject: Re: 8.0-RELEASE-p3: 4k jumbo mbuf cluster exhaustion X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 25 Aug 2010 04:05:08 -0000 On 24 August 2010 21:00, Andre Oppermann wrote: > > Try "netstat -n -p tcp -x" to see whether one socket is holding on to > too much data. ok. > Testing with a different network card would help to narrow down the > area to look for the bug as well. I don't have this option, unfortunately. The box is about 8,000km from me. > Can you describe your connection capturing setup some more? =A0Do you > use "ipfw fwd" or some form of NAT? #!/bin/sh fwcmd=3D/sbin/ipfw myif=3Dbce0 proxy_port=3D3138 localip=3D ${fwcmd} -f flush # table 1 - redirect client list ${fwcmd} table 1 flush # table 2 - bypass server list ${fwcmd} table 2 flush # table 3 - bypass client list ${fwcmd} table 3 flush # ok, add local networks # Allow direct connections ${fwcmd} add 10 allow tcp from any to ${localip} 80 in via ${myif} # bypass list - server ${fwcmd} add 15 allow tcp from any to 'table(2)' 80 in via ${myif} ${fwcmd} add 16 allow tcp from 'table(2)' 80 to any in via ${myif} # bypass list - client ${fwcmd} add 17 allow tcp from 'table(3)' to any 80 in via ${myif} ${fwcmd} add 18 allow tcp from any 80 to 'table(3)' in via ${myif} # redirect non-me :80 ${fwcmd} add 20 fwd 127.0.0.1,${proxy_port} tcp from 'table(1)' to any 80 in via ${myif} # redirect client-destined packets on port 80 to me for local socket check ${fwcmd} add 30 fwd 127.0.0.1 tcp from any 80 to 'table(1)' in via ${myif} # pass the rest ${fwcmd} add 65000 allow ip from any to any sysctl net.inet.ip.fw.enable=3D1 sysctl net.inet.ip.forwarding=3D1