From owner-freebsd-stable@freebsd.org Mon Aug 3 21:22:51 2020 Return-Path: Delivered-To: freebsd-stable@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id F24823A7846 for ; Mon, 3 Aug 2020 21:22:51 +0000 (UTC) (envelope-from jclarke@marcuscom.com) Received: from creme-brulee.marcuscom.com (creme-brulee.marcuscom.com [IPv6:2607:fc50:1:f300::2]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "*.marcuscom.com", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BL9pL6YH7z4Q6f; Mon, 3 Aug 2020 21:22:50 +0000 (UTC) (envelope-from jclarke@marcuscom.com) Received: from rtp-jclarke-nitro9.cisco.com ([173.38.117.90]) (authenticated bits=0) by creme-brulee.marcuscom.com (8.16.1/8.16.1) with ESMTPSA id 073LMgNa095621 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Mon, 3 Aug 2020 17:22:43 -0400 (EDT) (envelope-from jclarke@marcuscom.com) X-Authentication-Warning: creme-brulee.marcuscom.com: Host [173.38.117.90] claimed to be rtp-jclarke-nitro9.cisco.com From: Joe Clarke Message-Id: <3F5D4874-C8D6-4D77-AE9F-D5EAB750DDB4@marcuscom.com> Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.1\)) Subject: Re: Traffic "corruption" in 12-stable Date: Mon, 3 Aug 2020 17:22:37 -0400 In-Reply-To: <2F974A4E-95B3-4C65-A5F8-6FBBB575B756@marcuscom.com> Cc: freebsd-stable@freebsd.org To: Mark Johnston References: <9FAE54DE-F409-4A53-B91E-59AE52A86513@marcuscom.com> <20200727190147.GC59953@raichu> <2F974A4E-95B3-4C65-A5F8-6FBBB575B756@marcuscom.com> X-Mailer: Apple Mail (2.3608.120.23.2.1) X-Spam-Status: No, score=2.7 required=5.0 tests=HTML_MESSAGE, RDNS_NONE, TW_MX, TW_PF,TW_VM autolearn=disabled version=3.4.4 X-Spam-Level: ** X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on creme-brulee.marcuscom.com X-Rspamd-Queue-Id: 4BL9pL6YH7z4Q6f X-Spamd-Bar: + Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=none (mx1.freebsd.org: domain of jclarke@marcuscom.com has no SPF policy when checking 2607:fc50:1:f300::2) smtp.mailfrom=jclarke@marcuscom.com X-Spamd-Result: default: False [1.82 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; ARC_NA(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; MV_CASE(0.50)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; HAS_XAW(0.00)[]; DMARC_NA(0.00)[marcuscom.com]; AUTH_NA(1.00)[]; NEURAL_SPAM_SHORT(0.23)[0.232]; NEURAL_HAM_MEDIUM(-0.03)[-0.029]; RCPT_COUNT_TWO(0.00)[2]; NEURAL_SPAM_LONG(0.22)[0.220]; R_SPF_NA(0.00)[no SPF record]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; ASN(0.00)[asn:36236, ipnet:2607:fc50::/36, country:US]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[] Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.33 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 03 Aug 2020 21:22:52 -0000 > On Jul 27, 2020, at 15:41, Joe Clarke wrote: >=20 >=20 >=20 >> On Jul 27, 2020, at 15:01, Mark Johnston wrote: >>=20 >> On Sun, Jul 26, 2020 at 06:16:07PM -0400, Joe Clarke wrote: >>> About two weeks ago, I upgraded from the latest 11-stable to the = latest 12-stable. After that, I periodically see the network throughput = come to a near standstill. This FreeBSD machine is an ESXi VM with two = interfaces. It acts as a router. It uses vmxnet3 interfaces for both = LAN and WAN. It runs ipfw with in-kernel NAT. The LAN side uses a = bridge with vmx0 and a tap0 L2 VPN interface. My LAN side uses an MTU = of 9000, and my vmx1 (WAN side) uses the default 1500. >>>=20 >>> Besides seeing massive packet loss and huge latency (~ 200 ms for = on-LAN ping times), I know the problem has occurred because my lldpd = reports: >>>=20 >>> Jul 26 15:47:03 namale lldpd[1126]: frame too short for tlv received = on bridge0 >>>=20 >>> And if I turn on ipfw verbose messages, I see tons of: >>>=20 >>> Jul 26 16:02:23 namale kernel: ipfw: pullup failed >>>=20 >>> This leads to me to believe packets are being corrupted on ingress. = I=E2=80=99ve applied all the recent iflib changes, but the problem = persists. What causes it, I don=E2=80=99t know. >>>=20 >>> The only thing that changed (and yes, it=E2=80=99s a big one) is I = upgraded to 12-stable. Meaning, the rest of the network infra and = topology has remained the same. This did not happen at all in = 11-stable. >>>=20 >>> I=E2=80=99m open to suggestions. >>=20 >> There are some fixes for vmx not present in stable/12 (yet). I did a >> merge of a number of outstanding revisions. Would you be able to = test >> the patch? I haven't observed any problems with it on a host using = igb, >> but I have no ability to test vmx at the moment. >=20 > I=E2=80=99m down to test anything. I did notice quite a few vmxnet3 = changes around performance that appealed to me. I tried a few of them = on my last kernel. That took much longer to exhibit the problem, but = eventually did. >=20 > I can tell you I don=E2=80=99t have all of these patches in, though. = I=E2=80=99ll build with this diff and start running it now. I=E2=80=99ll = let you know how it goes. So it=E2=80=99s been just over a week of runtime with this full patch = set. I have seen no further issues with ingress packet = =E2=80=9Ctruncation=E2=80=9D, and performance has been what I expect. = I=E2=80=99m going to keep running, but I think this seems like a good = set to MFC. Thanks again for your help. Joe --- PGP Key : http://www.marcuscom.com/pgp.asc