i386/123200: Server failure due to netgraph mpd and dhcpclient
Basil
zaulychny at yahoo.com
Tue Apr 29 08:50:01 UTC 2008
>Number: 123200
>Category: i386
>Synopsis: Server failure due to netgraph mpd and dhcpclient
>Confidential: no
>Severity: critical
>Priority: high
>Responsible: freebsd-i386
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Tue Apr 29 08:50:00 UTC 2008
>Closed-Date:
>Last-Modified:
>Originator: Basil
>Release: 6.3
>Organization:
CCU
>Environment:
FreeBSD axe.tgh.kiev.ua 6.3-RELEASE FreeBSD 6.3-RELEASE #2: Thu Mar 27 17:43:21 EET 2008 root at axe.tgh.kiev.ua:/usr/src/sys/i386/compile/axe i386
>Description:
Server has two network cards rl0 and fxp0 (all hardware tested and new. It works fine before). fxp0 is for LAN, rl0 is on ISP's non-public network (10.0.0.1/16) configured via DHCP (dhclient: rl0 (dhclient)). Internet access granted via VPN protocol (mpd5 or mpd4 or even mpd). After booting has finished server has such ifconfig output:
rl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=8<VLAN_MTU>
inet 10.24.7.250 netmask 0xfffffc00 broadcast 10.24.7.255
ether 00:13:d4:dd:94:4c
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
fxp0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=b<RXCSUM,TXCSUM,VLAN_MTU>
inet 192.168.0.101 netmask 0xffffff00 broadcast 192.168.0.255
inet 192.168.2.1 netmask 0xffffff00 broadcast 192.168.2.255
inet 192.168.100.1 netmask 0xffffff00 broadcast 192.168.100.255
inet 10.113.0.200 netmask 0xffffff00 broadcast 10.113.0.255
inet 192.168.0.199 netmask 0xffffff00 broadcast 192.168.0.255
inet 192.168.0.1 netmask 0xffffff00 broadcast 192.168.0.255
ether 00:02:b3:bc:32:2b
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
plip0: flags=108810<POINTOPOINT,SIMPLEX,MULTICAST,NEEDSGIANT> mtu 1500
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
inet 127.0.0.1 netmask 0xff000000
ng0: flags=88d1<UP,POINTOPOINT,RUNNING,NOARP,SIMPLEX,MULTICAST> mtu 1416
inet 83.170.252.222 --> 85.223.129.9 netmask 0xffffffff
All works fine. Netgraph compiled into kernel statically (see kern conf below)
machine i386
#cpu I486_CPU
#cpu I586_CPU
cpu I686_CPU
ident axe
# To statically compile in device wiring instead of /boot/device.hints
#hints "GENERIC.hints" # Default places to look for devices.
makeoptions DEBUG=-g # Build kernel with gdb(1) debug symbols
#options SCHED_ULE # ULE scheduler
options SCHED_4BSD # 4BSD scheduler
options PREEMPTION # Enable kernel thread preemption
options INET # InterNETworking
options IPFIREWALL # InterNETworking
options IPFIREWALL_VERBOSE # InterNETworking
options IPFIREWALL_VERBOSE_LIMIT=100
options IPFIREWALL_FORWARD # InterNETworking
options IPDIVERT
options IPFIREWALL_DEFAULT_TO_ACCEPT
options DUMMYNET # InterNETworking
options LIBALIAS
# altq(9). Enable the base part of the hooks with the ALTQ option.
# Individual disciplines must be built into the base system and can not be
# loaded as modules at this point. In order to build a SMP kernel you must
# also have the ALTQ_NOPCC option.
options ALTQ
options ALTQ_CBQ # Class Bases Queueing
options ALTQ_RED # Random Early Detection
options ALTQ_RIO # RED In/Out
options ALTQ_HFSC # Hierarchical Packet Scheduler
options ALTQ_CDNR # Traffic conditioner
options ALTQ_PRIQ # Priority Queueing
options ALTQ_NOPCC # Required for SMP build
options ALTQ_DEBUG
# netgraph(4). Enable the base netgraph code with the NETGRAPH option.
# Individual node types can be enabled with the corresponding option
# listed below; however, this is not strictly necessary as netgraph
# will automatically load the corresponding KLD module if the node type
# is not already compiled into the kernel. Each type below has a
# corresponding man page, e.g., ng_async(8).
options NETGRAPH # netgraph(4) system
options NETGRAPH_DEBUG # enable extra debugging, this
# affects netgraph(4) and nodes
# Node types
options NETGRAPH_ASYNC
#options NETGRAPH_ATMLLC
#options NETGRAPH_ATM_ATMPIF
#options NETGRAPH_BLUETOOTH # ng_bluetooth(4)
#options NETGRAPH_BLUETOOTH_BT3C # ng_bt3c(4)
#options NETGRAPH_BLUETOOTH_H4 # ng_h4(4)
#options NETGRAPH_BLUETOOTH_HCI # ng_hci(4)
#options NETGRAPH_BLUETOOTH_L2CAP # ng_l2cap(4)
#options NETGRAPH_BLUETOOTH_SOCKET # ng_btsocket(4)
#options NETGRAPH_BLUETOOTH_UBT # ng_ubt(4)
#options NETGRAPH_BLUETOOTH_UBTBCMFW # ubtbcmfw(4)
options NETGRAPH_BPF
options NETGRAPH_BRIDGE
options NETGRAPH_CISCO
options NETGRAPH_DEFLATE
options NETGRAPH_DEVICE
options NETGRAPH_ECHO
options NETGRAPH_EIFACE
options NETGRAPH_ETHER
options NETGRAPH_FEC
options NETGRAPH_FRAME_RELAY
options NETGRAPH_GIF
options NETGRAPH_GIF_DEMUX
options NETGRAPH_HOLE
options NETGRAPH_IFACE
options NETGRAPH_IP_INPUT
options NETGRAPH_IPFW
options NETGRAPH_KSOCKET
options NETGRAPH_L2TP
options NETGRAPH_LMI
# MPPC compression requires proprietary files (not included)
#options NETGRAPH_MPPC_COMPRESSION
options NETGRAPH_MPPC_ENCRYPTION
options NETGRAPH_NETFLOW
options NETGRAPH_NAT
options NETGRAPH_ONE2MANY
options NETGRAPH_PPP
options NETGRAPH_PPPOE
options NETGRAPH_PPTPGRE
options NETGRAPH_PRED1
options NETGRAPH_RFC1490
options NETGRAPH_SOCKET
options NETGRAPH_SPLIT
options NETGRAPH_SPPP
options NETGRAPH_TAG
options NETGRAPH_TCPMSS
options NETGRAPH_TEE
options NETGRAPH_TTY
options NETGRAPH_UI
options NETGRAPH_VJC
The failure leads to server reboot after some non-constant time period (3-9 days). More over, some time ago when server has not statically compiled netgraph into kernel it simply crashes (no reboot) and not responding even on keyboard!
It seems to me that netgraph module leads to memory leak and kernel killing all working processes, because server responds only on ACPI power button pressing writing on display message.
After some searching in the Internet I have found some issues about similar problem where people have point on DHCP+MPD+NETGRAPH failure (They simply kill mpd from dhclient-script to vanish the problem)
So problem still open :(
>How-To-Repeat:
Setup VPN via DHCP configured eth using mpd5 on Freebsd 6.x server
>Fix:
To vanish silent crash of server you must compile statically netgraph into kernel. This unfortunately not solve the periodical reboot of server due to kernel panic...
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-i386
mailing list