From owner-freebsd-current@FreeBSD.ORG  Thu Mar  1 23:52:29 2012
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Delivered-To: current@FreeBSD.org
Received: from mx2.freebsd.org (mx2.freebsd.org [IPv6:2001:4f8:fff6::35])
	by hub.freebsd.org (Postfix) with ESMTP id 68A17106564A;
	Thu,  1 Mar 2012 23:52:29 +0000 (UTC)
	(envelope-from dougb@FreeBSD.org)
Received: from [127.0.0.1] (hub.freebsd.org [IPv6:2001:4f8:fff6::36])
	by mx2.freebsd.org (Postfix) with ESMTP id 00CC31509EA;
	Thu,  1 Mar 2012 23:52:28 +0000 (UTC)
Message-ID: <4F500BB9.4040307@FreeBSD.org>
Date: Thu, 01 Mar 2012 15:52:25 -0800
From: Doug Barton <dougb@FreeBSD.org>
Organization: http://www.FreeBSD.org/
User-Agent: Mozilla/5.0 (Windows NT 5.1;
	rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2
MIME-Version: 1.0
To: Steve Wills <swills@FreeBSD.org>
References: <20120221143537.Horde.deyFDZjmRSRPQ52pxBIpnLA@webmail.leidinger.net>
	<BA7FFA2D-DEE6-4FB7-AE26-0BC79CBFD8C0@lists.zabbadoz.net>
	<4F4BA707.5070608@wasikowski.net> <4F4C3FE7.3040802@FreeBSD.org>
	<CACqU3MWx3pMMDncvOita-OAgfe=NPKtwKE2WeB_mdcYwozY81Q@mail.gmail.com>
	<4F4D51CB.2010508@FreeBSD.org> <4F4D5E5D.9040302@FreeBSD.org>
	<4F4DD288.5060106@FreeBSD.org>
	<CAHM0Q_O+Ct6yhRL=B9oxgkL8EgLxZdo7-KFO2C8HqiN1=Kx_bw@mail.gmail.com>
	<4F4ED889.2070608@FreeBSD.org>
In-Reply-To: <4F4ED889.2070608@FreeBSD.org>
X-Enigmail-Version: 1.3.5
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Cc: stable@FreeBSD.org, "K. Macy" <kmacy@FreeBSD.org>,
	=?UTF-8?B?eiBXxIVzaWtvd3NraQ==?= <lukasz@wasikowski.net>,
	Arnaud Lacombe <lacombar@gmail.com>,
	Alexander Leidinger <Alexander@leidinger.net>,
	"Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net>, current@FreeBSD.org
Subject: Re: flowtable usable or not
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
	<freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>, 
	<mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 01 Mar 2012 23:52:29 -0000

On 2/29/2012 6:01 PM, Steve Wills wrote:
> On 02/29/12 13:17, K. Macy wrote:
>> .
>>>
>>> I tried it, on both FreeBSD routers, web systems, and database 
>>> servers; all on 8.2+. It still causes massive instability.
>>> Disabling the sysctl, and/or removing it from the kernel solved
>>> the problems.
> 
>> Routing I can believe, but I'm wondering how close attention you
>> paid to the workload. There are CDN networks with high uptimes and
>> shipping firewall products that use flowtable, so your mention of
>> web systems forces makes me ask for specifics.
> 
> 
> The failure I experienced was with web servers running 8.0 behind a F5
> load balancer in an HA setup. Whenever the failover happened, the web
> servers would continue sending to the wrong MAC address, despite the
> arp table updating. Disabling flowtable via the sysctl solved the
> problem. Maybe Doug's failure was similar, maybe not, but I thought
> I'd throw my $0.02 in.

Yes, that was part of it. On the web and db systems we had what I can
only describe as "general wackiness" with systems suddenly becoming
unreachable, etc. This was with a moderately complex network setup with
a combination of different VLANs, multiple interfaces, etc. The FreeBSD
routers would just plain panic on a semi-regular interval. Removing
flowtable made all this go away, and we've been quite stable since then.


hth,

Doug

-- 

    This .signature sanitized for your protection