Date: Sat, 08 Dec 2018 14:57:10 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 233867] pf: Long freezes on NAT port exhaustion Message-ID: <bug-233867-227-zBdJzpk2RL@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-233867-227@https.bugs.freebsd.org/bugzilla/>
index | next in thread | previous in thread | raw e-mail
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=233867 Kristof Provost <kp@freebsd.org> changed: What |Removed |Added ---------------------------------------------------------------------------- See Also| |https://bugs.freebsd.org/bu | |gzilla/show_bug.cgi?id=1840 | |03 Status|New |Open --- Comment #2 from Kristof Provost <kp@freebsd.org> --- The system loses network connectivity when it can't find a free source port in pf_get_sport(). It keeps calling pf_map_addr(), trying to get a new IP to check for available ports. I believe this problem was introduced by the patch in PR# 184003. Note that we're running NAT with PF_POOL_STICKYADDR, so we find a src_node, and the early return is taken. This means we always return the same IP, and loop through the available ports in pf_get_sport() again and again. This loop continues until a state times out, and we do find a free port. -- You are receiving this mail because: You are the assignee for the bug.home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-233867-227-zBdJzpk2RL>