Site Navigation

Date:      Wed, 25 Aug 2010 12:05:07 +0800
From:      Adrian Chadd <adrian.chadd@gmail.com>
To:        Andre Oppermann <andre@freebsd.org>
Cc:        pyunyh@gmail.com, freebsd-net@freebsd.org
Subject:   Re: 8.0-RELEASE-p3: 4k jumbo mbuf cluster exhaustion
Message-ID:  <AANLkTi=DSNoSKx5Tf2b_Wg9jTfSMZSsiN8OuUPuCOJvM@mail.gmail.com>
In-Reply-To: <4C73C25F.90903@freebsd.org>
References:  <AANLkTikrbCFHz-CnuYcgH2JzpeH5hob0Aa2y5dwn3Hvv@mail.gmail.com> <AANLkTikYMU=wML_z=HDnkUF1PGYMVa1q-QWTrkxD%2B7EP@mail.gmail.com> <20100822222746.GC6013@michelle.cdnetworks.com> <AANLkTi=t%2BnG8isp1nf2aBec%2BFwomApNt0NBPO8LqZ%2B=9@mail.gmail.com> <4C724AD9.5020000@freebsd.org> <AANLkTikBHiQ15CFKhsP4Z=9bRJEP-1_RAJAS4Y3U1GLT@mail.gmail.com> <4C73C25F.90903@freebsd.org>

---

next in thread | previous in thread | raw e-mail | index | archive | help

---

On 24 August 2010 21:00, Andre Oppermann <andre@freebsd.org> wrote:

>
> Try "netstat -n -p tcp -x" to see whether one socket is holding on to
> too much data.

ok.

> Testing with a different network card would help to narrow down the
> area to look for the bug as well.

I don't have this option, unfortunately. The box is about 8,000km from me.

> Can you describe your connection capturing setup some more? =A0Do you
> use "ipfw fwd" or some form of NAT?

#!/bin/sh

fwcmd=3D/sbin/ipfw
myif=3Dbce0
proxy_port=3D3138
localip=3D<localip>

${fwcmd} -f flush

# table 1 - redirect client list
${fwcmd} table 1 flush
# table 2 - bypass server list
${fwcmd} table 2 flush
# table 3 - bypass client list
${fwcmd} table 3 flush

# ok, add local networks
<local subnets go here>

# Allow direct connections
${fwcmd} add 10 allow tcp from any to ${localip} 80 in via ${myif}

# bypass list - server
${fwcmd} add 15 allow tcp from any to 'table(2)' 80 in via ${myif}
${fwcmd} add 16 allow tcp from 'table(2)' 80 to any in via ${myif}
# bypass list - client
${fwcmd} add 17 allow tcp from 'table(3)' to any 80 in via ${myif}
${fwcmd} add 18 allow tcp from any 80 to 'table(3)' in via ${myif}

# redirect non-me :80
${fwcmd} add 20 fwd 127.0.0.1,${proxy_port} tcp from 'table(1)' to any
80 in via ${myif}
# redirect client-destined packets on port 80 to me for local socket check
${fwcmd} add 30 fwd 127.0.0.1 tcp from any 80 to 'table(1)' in via ${myif}

# pass the rest
${fwcmd} add 65000 allow ip from any to any

sysctl net.inet.ip.fw.enable=3D1
sysctl net.inet.ip.forwarding=3D1

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?AANLkTi=DSNoSKx5Tf2b_Wg9jTfSMZSsiN8OuUPuCOJvM>

Legal Notices | © 1995-2024 The FreeBSD Project. All rights reserved.

Contact