From owner-freebsd-stable@FreeBSD.ORG Fri May 28 05:46:22 2010 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D621F1065675; Fri, 28 May 2010 05:46:22 +0000 (UTC) (envelope-from auryn@zirakzigil.org) Received: from mail.zirakzigil.org (mail.zirakzigil.org [82.63.178.63]) by mx1.freebsd.org (Postfix) with ESMTP id 7C43A8FC15; Fri, 28 May 2010 05:46:22 +0000 (UTC) Received: from localhost (unknown [192.168.1.2]) by mail.zirakzigil.org (Postfix) with ESMTP id AF1A597B3E; Fri, 28 May 2010 07:46:20 +0200 (CEST) X-Virus-Scanned: amavisd-new at zirakzigil.org Received: from mail.zirakzigil.org ([192.168.1.2]) by localhost (ext.zirakzigil.org [192.168.1.2]) (amavisd-new, port 10024) with ESMTP id 7dvMTayuuuKi; Fri, 28 May 2010 07:46:17 +0200 (CEST) Received: from [192.168.229.30] (unknown [192.168.1.2]) (Authenticated sender: auryn@zirakzigil.org) by mail.zirakzigil.org (Postfix) with ESMTPA id B220597B35; Fri, 28 May 2010 07:46:17 +0200 (CEST) Message-ID: <4BFF589F.2050102@zirakzigil.org> Date: Fri, 28 May 2010 07:46:07 +0200 From: Giulio Ferro User-Agent: Thunderbird 2.0.0.24 (X11/20100411) MIME-Version: 1.0 To: freebsd-net@freebsd.org, freebsd-stable@freebsd.org, max@love2party.net Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: Subject: PF + BRIDGE still causes system freezing X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 May 2010 05:46:22 -0000 Months ago I reported a system freezing whenever bridge was used with pf. This still happens now in 8.1 prerelease: after several minutes to hours that the bridge is active the system becomes unresponsive. # uname -a FreeBSD firewall1 8.1-PRERELEASE FreeBSD 8.1-PRERELEASE #0: Thu May 27 18:03:48 CEST 2010 root@data1:/usr/obj/usr/src/sys/FIREWALL amd64 > cat /etc/sysctl.conf net.inet.ip.forwarding=1 net.inet.ip.fastforwarding=1 net.inet.carp.preempt=1 Services running : sshd, named, inetd, ntpd, openvpn (tap), racoon, pptp, asterisk 2 physical interfaces : bce0, bce1 11 vlan interfaces : vlan1, ..., vlan11 (vlandev bce1) 11 carp interfaces ; carp1, ..., carp11 (carp1 has 23 alias addresses) 1 bridge interfaces : bridge0 addm vlan35 (used by openvpn) 2 gif interfaces : gif0, gif1 (racoon / IPSEC) 8 static routes pf packet filter : 12 rdr rules, 3 nat rules, set skip{lo0, bridge0, vlan35}, 4 pass quick, block log all, about 30 pass keep state When the system freezes, I get this from the debugger --------------------------------------------------------------------- db> show allchains db> show alllocks Process 12 (intr) thread 0xffffff00024293e0 (100028) exclusive sleep mutex if_bridge (if_bridge) r = 0 (0xffffff000270ea18) locked @ /usr/src/sys/net/if_bridge.c:2184 Process 12 (intr) thread 0xffffff00022693e0 (100016) exclusive sleep mutex Giant (Giant) r = 1 (0xffffffff80c93dc0) locked @ /usr/src/sys/dev/usb/usb_transfer.c:3023 Process 12 (intr) thread 0xffffff00022607c0 (1000006) exclusive sleep mutex carp_if (carp_if) r = 0 (0xffffff00027329e0) locked @ /usr/src/sys/netinet/ip_carp.c:881 db> --------------------------------------------------------------------- Even if there is no solution yet, is there any quick and dirty workaround I can try? I need this rather badly... Thanks.