From owner-cvs-src@FreeBSD.ORG Fri May 25 07:59:27 2007 Return-Path: X-Original-To: cvs-src@FreeBSD.org Delivered-To: cvs-src@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 289F316A400 for ; Fri, 25 May 2007 07:59:27 +0000 (UTC) (envelope-from andre@freebsd.org) Received: from c00l3r.networx.ch (c00l3r.networx.ch [62.48.2.2]) by mx1.freebsd.org (Postfix) with ESMTP id 8C52E13C489 for ; Fri, 25 May 2007 07:59:26 +0000 (UTC) (envelope-from andre@freebsd.org) Received: (qmail 77107 invoked from network); 25 May 2007 07:16:23 -0000 Received: from c00l3r.networx.ch (HELO [127.0.0.1]) ([62.48.2.2]) (envelope-sender ) by c00l3r.networx.ch (qmail-ldap-1.03) with SMTP for ; 25 May 2007 07:16:23 -0000 Message-ID: <46569762.6090801@freebsd.org> Date: Fri, 25 May 2007 09:59:30 +0200 From: Andre Oppermann User-Agent: Thunderbird 1.5.0.10 (Windows/20070221) MIME-Version: 1.0 To: Robert Watson References: <200705182113.l4ILD2qb044650@repoman.freebsd.org> <20070521073544.GP89017@FreeBSD.org> <4654D011.5040309@freebsd.org> <20070524092643.GC89017@FreeBSD.org> <20070525084450.H53865@fledge.watson.org> In-Reply-To: <20070525084450.H53865@fledge.watson.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: cvs-src@FreeBSD.org, Gleb Smirnoff , cvs-all@FreeBSD.org, src-committers@FreeBSD.org Subject: Re: cvs commit: src/sys/netinet tcp_syncache.c X-BeenThere: cvs-src@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: CVS commit messages for the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 25 May 2007 07:59:27 -0000 Robert Watson wrote: > > On Thu, 24 May 2007, Gleb Smirnoff wrote: > >> A> W/o logging we have no way of really knowing. Before we were >> possibly >> A> accepting stuff we shouldn't have (spoofing and attacks). Now we may >> A> drop stuff we perhaps should accept anyway. W/o logging diagnosing a >> A> TCP problem was very difficult and would need a lot cooperation with >> A> the PR submitter, if it was submitted at all. We normally only got a >> A> report of TCP 'not working'. Figuring out what went wrong was pretty >> A> much doing iterative shots into the dark and see if something >> squeaks. >> A> >> A> With logging I want to make things much more obvious and simpler to >> A> diagnose. Plus we get information in cases (from admins reading the >> A> logs) that were totally lost in the noise or not even attempted to >> A> be debugged. >> A> >> A> For our TCP maintainers (mostly I at the moment) and also 3rd parties >> A> this makes TCP trouble diagnosis much more accessible. Based on a >> A> log report and the OS name/version of the remote end we can pretty >> A> much tell right away what went wrong. This saves an order of a >> A> magnitude in debugging and fault analysis time. From many hours and >> A> email round trips to mere minutes and one or two information >> requests. >> >> I completely understand that this logging is very important in the >> process of refactoring the TCP code. I just think that the performance >> impact should be measured before merging this logging to RELENG_6. > > Kernel-sourced log messages result in an fsync() of log files the > message is written to, as syslogd feels that kernel messages are very > important and should go to disk as quickly and reliably as possible. As > a result, it's very desirable to rate limit (ideally no more than 1pps) > packet-generated log messages. I've been thinking of adding a spp > function to match ppsprint for things like kernel warnings about the > audit trail storage partition filling up, as one message a second is > still a lot. kern.debug should not be automatically written and fsync()ed to disk. All these TCP messages are sourced as kern.debug (except for the log_ in_vain variety with kern.info but that's something the user has to explicitly enable). -- Andre