flowtable usable or not
Steve Wills
swills at FreeBSD.org
Thu Mar 1 02:01:55 UTC 2012
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 02/29/12 13:17, K. Macy wrote:
> .
>>
>> I tried it, on both FreeBSD routers, web systems, and database
>> servers; all on 8.2+. It still causes massive instability.
>> Disabling the sysctl, and/or removing it from the kernel solved
>> the problems.
>
> Routing I can believe, but I'm wondering how close attention you
> paid to the workload. There are CDN networks with high uptimes and
> shipping firewall products that use flowtable, so your mention of
> web systems forces makes me ask for specifics.
>
The failure I experienced was with web servers running 8.0 behind a F5
load balancer in an HA setup. Whenever the failover happened, the web
servers would continue sending to the wrong MAC address, despite the
arp table updating. Disabling flowtable via the sysctl solved the
problem. Maybe Doug's failure was similar, maybe not, but I thought
I'd throw my $0.02 in.
Steve
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.18 (FreeBSD)
iQEcBAEBAgAGBQJPTtiJAAoJEPXPYrMgexuhp8EIAKGGtZzcxgQ4zVO5SKy1jAOH
DXLRLYfdm8NJB9hYEvtUa9/nltAE35zQMp7FU4AlZ2L2ol/J7W9aODiN0gw9AFEr
dxBYyQliDKvVwLgah9a5PaXNM3kpx9ZvZGM3lBQGQbZaEV+ERwjBXkfIqjEB4Ei5
bBd7841jQm22s1xJOuJTdMGrpnY1DMUPdPCFOAtyQmTAhWpoELgtQBvP9kGYNKv2
3NAPnjFuooe9fdze9VSO8TWFJSb82DVbRsz6JiR0998oHXPApCh4I5y1rNcg2qA/
1x2EdFlivXpgjC4nKUgFjhohmdGv20FrLfex4eOq6dSMF0Baje86PJcc8EZ1DK0=
=NUft
-----END PGP SIGNATURE-----
More information about the freebsd-current
mailing list