From owner-freebsd-questions@FreeBSD.ORG  Tue Jan 29 09:47:15 2008
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 6E35F16A469
	for <freebsd-questions@freebsd.org>;
	Tue, 29 Jan 2008 09:47:15 +0000 (UTC)
	(envelope-from norman@apache.org)
Received: from vs159071.vserver.de (hiphopcorner.de [62.75.159.71])
	by mx1.freebsd.org (Postfix) with ESMTP id 31DDE13C459
	for <freebsd-questions@freebsd.org>;
	Tue, 29 Jan 2008 09:47:15 +0000 (UTC)
	(envelope-from norman@apache.org)
Received: from [10.99.0.2] (unknown [213.188.107.182])
	by vs159071.vserver.de (Postfix) with ESMTP id 6EEBBBE8994;
	Tue, 29 Jan 2008 09:47:14 +0000 (UTC)
From: Norman Maurer <norman@apache.org>
To: Christopher Cowart <ccowart@rescomp.berkeley.edu>
In-Reply-To: <1201598690.6811.5.camel@norman-laptop>
References: <1201592778.6811.1.camel@norman-laptop>
	<20080129080412.GH41095@hal.rescomp.berkeley.edu>
	<1201598690.6811.5.camel@norman-laptop>
Content-Type: text/plain
Date: Tue, 29 Jan 2008 10:47:05 +0100
Message-Id: <1201600025.6811.8.camel@norman-laptop>
Mime-Version: 1.0
X-Mailer: Evolution 2.12.1 
Content-Transfer-Encoding: 7bit
Cc: freebsd-questions <freebsd-questions@freebsd.org>
Subject: Re: FreeBSD 6.3 racoon cpu 99,9% after some time workin
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 29 Jan 2008 09:47:15 -0000


Am Dienstag, den 29.01.2008, 10:24 +0100 schrieb Norman Maurer:
> Am Dienstag, den 29.01.2008, 00:04 -0800 schrieb Christopher Cowart:
> > On Tue, Jan 29, 2008 at 08:46:18AM +0100, Norman Maurer wrote:
> > > I have some strange problem.. After racoon works some hours it seems to
> > > "freeze" and get a cpu usage of 99,9%. The vpns don't work anymore too..
> > > Any idea ?
> > 
> > By any chance do you have a large number of tunnels? We went so far as
> > to write a daemon to watch racoon and restart it automatically. We
> > finally ended up bumping up buffer sizes in the ipsec-tools sources and
> > sysctl.
> > 
> > See this thread from -net:
> > http://lists.freebsd.org/pipermail/freebsd-net/2007-August/015046.html
> > 
> 
> We have about 15 tunnels.. Can you please show me the changes you did
> ( maybe a diff ) and the shell script ?
> 
> Thx
> Norman

btw, can you show me your relevant sysctl settings ?

sysctl -a net.key

Thx
Norman