Date: Fri, 10 Oct 2008 08:21:16 -0700 From: Jeremy Chadwick <koitsu@FreeBSD.org> To: Vlad GALU <dudu@dudu.ro> Cc: freebsd-stable@freebsd.org Subject: Re: UDP LOR with the latest RELENG_7 Message-ID: <20081010152116.GA35404@icarus.home.lan> In-Reply-To: <ad79ad6b0810100811x2a871854ve326f54fc3e0a680@mail.gmail.com> References: <ad79ad6b0810100540w7a84d70ajd60cb575149914ef@mail.gmail.com> <200810101458.m9AEw2KI082581@lava.sentex.ca> <ad79ad6b0810100811x2a871854ve326f54fc3e0a680@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Oct 10, 2008 at 06:11:25PM +0300, Vlad GALU wrote: > On Fri, Oct 10, 2008 at 5:57 PM, Mike Tancsa <mike@sentex.net> wrote: > > At 08:40 AM 10/10/2008, Vlad GALU wrote: > >> > >> As my kernel had started to lock up periodically and I don't have > >> hands-on access to that machine, I enabled WITNESS. > >> So these started to pop up: > > > > Is this with a stock kernel and sysctl settings ? Or do you have any custom > > kernel options ? > > Jeremy pointed to a possible culprit - running csup again brought > uipc_usrreq.c to version 1.206.2.5. I'm rebuilding a new kernel with > this revision as I type and I'll see how it goes. I'm attaching the > sysctl.conf below just to be safe: I remember LORs pertaining to UDP being discussed recently. Possibly relevant threads: http://lists.freebsd.org/pipermail/freebsd-stable/2008-September/thread.html#45020 http://lists.freebsd.org/pipermail/freebsd-stable/2008-September/thread.html#45109 http://lists.freebsd.org/pipermail/freebsd-stable/2008-September/thread.html#45193 http://lists.freebsd.org/pipermail/freebsd-stable/2008-September/thread.html#45231 The last one is rwatson's fix, and confirmation from a couple people that it fixes their issues. > -- cut here -- > kern.ipc.maxsockets=32768 > kern.ipc.nmbclusters=65536 > kern.ipc.shmall=134217728 > kern.ipc.shmmax=134217728 > kern.logsigexit=0 > kern.maxfiles=131072 > kern.maxfilesperproc=32768 > kern.randompid=100 > kern.random.sys.harvest.swi=1 > kern.securelevel=-1 > net.bpf.bufsize=1048576 > net.bpf.maxbufsize=1048576 > net.inet.icmp.drop_redirect=1 > net.inet.icmp.icmplim=20 > net.inet.icmp.icmplim_output=0 > net.inet.icmp.maskrepl=0 > net.inet.icmp.reply_from_interface=1 > net.inet.ip.check_interface=0 > net.inet.ip.forwarding=1 > net.inet.ip.fastforwarding=1 > net.inet.ip.process_options=0 > net.inet.ip.random_id=0 # scrubbing with pf > net.inet.ip.redirect=0 > net.inet.ip.stealth=1 > net.inet.tcp.always_keepalive=1 > net.inet.tcp.blackhole=2 > net.inet.tcp.delayed_ack=1 > net.inet.tcp.drop_synfin=1 > net.inet.tcp.log_in_vain=0 > net.inet.tcp.recvspace=32768 > net.inet.tcp.rfc1323=1 > net.inet.tcp.rfc3042=1 > net.inet.tcp.rfc3390=1 > net.inet.tcp.sack.enable=1 > net.inet.tcp.sendspace=32768 > net.inet.tcp.syncookies=0 > net.inet.udp.blackhole=1 > net.inet.udp.log_in_vain=0 > net.link.ether.inet.max_age=1200 > security.bsd.conservative_signals=1 > security.bsd.hardlink_check_gid=0 > security.bsd.hardlink_check_uid=1 > security.bsd.see_other_gids=0 > security.bsd.see_other_uids=0 > security.bsd.suser_enabled=1 > security.bsd.unprivileged_get_quota=0 > security.bsd.unprivileged_proc_debug=0 > security.bsd.unprivileged_read_msgbuf=0 > security.jail.allow_raw_sockets=0 > security.jail.set_hostname_allowed=0 > security.jail.socket_unixiproute_only=1 > security.jail.sysvipc_allowed=0 > security.mac.seeotheruids.enabled=1 > security.mac.seeotheruids.specificgid_enabled=1 > security.mac.seeotheruids.specificgid=0 > vfs.hirunningspace=33554432 > vfs.read_max=16 > vfs.ufs.dirhash_maxmem=8388608 > -- and here -- Good grief, we could spend 2 years debugging just the sysctl.conf pieces... :-) -- | Jeremy Chadwick jdc at parodius.com | | Parodius Networking http://www.parodius.com/ | | UNIX Systems Administrator Mountain View, CA, USA | | Making life hard for others since 1977. PGP: 4BD6C0CB |
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20081010152116.GA35404>