Date: Thu, 01 Mar 2012 15:52:25 -0800 From: Doug Barton <dougb@FreeBSD.org> To: Steve Wills <swills@FreeBSD.org> Cc: stable@FreeBSD.org, "K. Macy" <kmacy@FreeBSD.org>, =?UTF-8?B?eiBXxIVzaWtvd3NraQ==?= <lukasz@wasikowski.net>, Arnaud Lacombe <lacombar@gmail.com>, Alexander Leidinger <Alexander@leidinger.net>, "Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net>, current@FreeBSD.org Subject: Re: flowtable usable or not Message-ID: <4F500BB9.4040307@FreeBSD.org> In-Reply-To: <4F4ED889.2070608@FreeBSD.org> References: <20120221143537.Horde.deyFDZjmRSRPQ52pxBIpnLA@webmail.leidinger.net> <BA7FFA2D-DEE6-4FB7-AE26-0BC79CBFD8C0@lists.zabbadoz.net> <4F4BA707.5070608@wasikowski.net> <4F4C3FE7.3040802@FreeBSD.org> <CACqU3MWx3pMMDncvOita-OAgfe=NPKtwKE2WeB_mdcYwozY81Q@mail.gmail.com> <4F4D51CB.2010508@FreeBSD.org> <4F4D5E5D.9040302@FreeBSD.org> <4F4DD288.5060106@FreeBSD.org> <CAHM0Q_O%2BCt6yhRL=B9oxgkL8EgLxZdo7-KFO2C8HqiN1=Kx_bw@mail.gmail.com> <4F4ED889.2070608@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2/29/2012 6:01 PM, Steve Wills wrote:
> On 02/29/12 13:17, K. Macy wrote:
>> .
>>>
>>> I tried it, on both FreeBSD routers, web systems, and database
>>> servers; all on 8.2+. It still causes massive instability.
>>> Disabling the sysctl, and/or removing it from the kernel solved
>>> the problems.
>
>> Routing I can believe, but I'm wondering how close attention you
>> paid to the workload. There are CDN networks with high uptimes and
>> shipping firewall products that use flowtable, so your mention of
>> web systems forces makes me ask for specifics.
>
>
> The failure I experienced was with web servers running 8.0 behind a F5
> load balancer in an HA setup. Whenever the failover happened, the web
> servers would continue sending to the wrong MAC address, despite the
> arp table updating. Disabling flowtable via the sysctl solved the
> problem. Maybe Doug's failure was similar, maybe not, but I thought
> I'd throw my $0.02 in.
Yes, that was part of it. On the web and db systems we had what I can
only describe as "general wackiness" with systems suddenly becoming
unreachable, etc. This was with a moderately complex network setup with
a combination of different VLANs, multiple interfaces, etc. The FreeBSD
routers would just plain panic on a semi-regular interval. Removing
flowtable made all this go away, and we've been quite stable since then.
hth,
Doug
--
This .signature sanitized for your protection
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4F500BB9.4040307>