Date: Mon, 16 Jun 2003 18:17:41 +0200 From: Markus Brueffer <brueffer@phoenix-systems.de> To: Christoph Kukulies <kuku@physik.rwth-aachen.de>, freebsd-current@freebsd.org Subject: Re: mpd, ng, Cisco VPN, resource leak Message-ID: <200306161817.41844.brueffer@phoenix-systems.de> In-Reply-To: <200306161706.35136.brueffer@phoenix-systems.de> References: <200306161403.h5GE3tJ28411@accms33.physik.rwth-aachen.de> <200306161706.35136.brueffer@phoenix-systems.de>
next in thread | previous in thread | raw e-mail | index | archive | help
--Boundary-02=_l2e7+xfLX4fwEMP Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Description: signed data Content-Disposition: inline Hi Christoph On Monday 16 June 2003 16:03, Christoph Kukulies wrote: > For months I'm trying to get back to a working VPN using mpd > on a FreeBSD 4.4 client site and a Cisco VPN server on the peer end. > > With 5.0 and 5.1-current the network connection stopped working. > > I could work for a minute or so then the connection got hung. > Trying to reconnect with a new ssh session got some message > about 'resource deadlock avoided' and a subsequent ping to the peer side > gets the onminous 'no buffers space available' or an additional : > > > kuku@www$ ssh acc01 > ssh: connect to host acc01 port 22: Connection refused > kuku@www$ ping acs01 > PING acc01 (138.134.123.12): 56 data bytes > ping: sendto: Resource deadlock avoided > ping: sendto: No buffer space available > ping: sendto: No buffer space available > ^C > --- acc01 ping statistics --- > 3 packets transmitted, 0 packets received, 100% packet loss > > > The connection refused occurs on the peer side where the previous > ssh connection had succeeded. It's not that the sshd died. Rebooting > my system allows be to connect again for a minute or 2 and then again > the hang. > > How could I pinpoint the problem so that some knowing kernel/netgraph > person will be available to find the cause? > > Is there a way to do a continous netstat -m or vmstat -m during a session > setup? I mean other than writing it to a file in a shell while loop? I know exactly what you are talking about. I had the same problems here. Please have a look at http://www.cs.rpi.edu/~flemej/fbsd-cisco-vpn/ . That (partly) solved the problems for me, however I have to set the routes = to=20 the subnets behind the VPN-server manually after establishing a connection = to=20 the VPN-server via mpd.=20 If I set the routes in the mentioned script, the routingtable seems to be o= k,=20 but setting the routing entrys this way leads to the same problems you=20 already mentioned. I have no idea whats wrong and why I have to set them=20 manually. Perhaps we can figure out this minor last problem together. Best Regards, Markus =2D-=20 GPG Pub-Key : http://www.phoenix-systems.de/mbrueffer.asc GPG Fingerprint: 3F9B EBE8 F290 E5CC 1447 8760 D48D 1072 78F8 A8D4 GPG Key ID : 0x78F8A8D4 --Boundary-02=_l2e7+xfLX4fwEMP Content-Type: application/pgp-signature Content-Description: signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (FreeBSD) iD8DBQA+7e2l1I0Qcnj4qNQRAmTTAKDWJOfCNhZpWyVR4YYD6dDonbqfLwCfZjBB H8y33/f+q8BDeAU4Fdm+V8o= =JvgQ -----END PGP SIGNATURE----- --Boundary-02=_l2e7+xfLX4fwEMP--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200306161817.41844.brueffer>