misc/114095: Carp+pf delay with high state limit

Nerijus Ambrazas nerijus.ambrazas at ktu.lt
Thu Jun 28 13:30:07 UTC 2007 

>Number:         114095
>Category:       misc
>Synopsis:       Carp+pf delay with high state limit
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Jun 28 13:30:06 GMT 2007
>Closed-Date:
>Last-Modified:
>Originator:     Nerijus Ambrazas
>Release:        FreeBSD 6.2-RELEASE amd64
>Organization:
Kaunas University of Technology
>Environment:
FreeBSD ad-baltas.ktu.lt 6.2-RELEASE FreeBSD 6.2-RELEASE #0: Wed Jun 27 11:07:42 EEST 2007     root@:/usr/src/sys/amd64/compile/geras  amd64

>Description:
CARP takes a long time to assign master and backup nodes after restart. One node initially becomes master on all vhids, not dependant on the value of advskew value. It might take a few minutes or more for the master/slave nodes to be set properly. The wait time seems to be linked to the the state limit set in pf. The higher the limit the longer it takes CARP to properly initialize.


The kernel config is as follows :

include GENERIC

options SMP

#PF
device pf
device pflog
device pfsync
device carp

#ALTQ
options ALTQ
options ALTQ_CBQ
options ALTQ_RED
options ALTQ_RIO
options ALTQ_HFSC
options ALTQ_CDNR
options ALTQ_PRIQ
options ALTQ_NOPCC





pf.conf used for testing is


set limit {states 50000, frags 50000}
nat on em0 from 10.0.0.0/8 to !10.0.0.0/8 -> 193.219.184.77

pass quick all



rc.conf is as follows :

# -- sysinstall generated deltas -- # Fri Jun 22 15:57:33 2007
# Created: Fri Jun 22 15:57:33 2007
# Enable network daemons for user convenience.
# Please make all changes to this file, not to /etc/defaults/rc.conf.
# This file now contains just the overrides from /etc/defaults/rc.conf.
check_quotas="NO"
hostname="ad-baltas.ktu.lt"
ifconfig_em0="inet 193.219.184.74 netmask 255.255.255.240"
ifconfig_em1="up"
defaultrouter="193.219.184.65"

cloned_interfaces="lo0 vlan251 vlan252 vlan253 vlan254 vlan255 vlan256 vlan257 vlan258 vlan259 vlan260 vlan261 vlan262 vlan26
3 vlan264 vlan265 carp0 carp251 carp252 carp253 carp254 carp255 carp256 carp257 carp258 carp259 carp260 carp261 carp262 carp2
63 carp264 carp4 carp265"

ifconfig_carp0="up 193.219.184.77 netmask 255.255.255.240 vhid 1 advskew 100"

#Tarptautiniu studiju centras
ifconfig_vlan251="inet 10.12.7.252 netmask 255.255.248.0 vlan 251 vlandev em1 up"
ifconfig_carp251="up 10.12.7.254 netmask 255.255.248.0 vhid 2 advskew 100 "

#ITPI 2a
ifconfig_vlan252="inet 10.0.15.252 netmask 255.255.248.0 vlan 252 vlandev em1 up"
ifconfig_carp252="up 10.0.15.254 netmask 255.255.248.0 vhid 3 advskew 100 "

#ITPI 103  
ifconfig_vlan253="inet 10.0.23.252 netmask 255.255.248.0 vlan 253 vlandev em1 up"
ifconfig_carp253="up 10.0.23.254 netmask 255.255.248.0 vhid 4 advskew 100 "

#Dizainas  
ifconfig_vlan254="inet 10.2.7.252 netmask 255.255.248.0 vlan 254 vlandev em1 up"
ifconfig_carp254="up 10.2.7.254 netmask 255.255.248.0 vhid 5 advskew 100 "

#Chemija
ifconfig_vlan255="inet 10.1.7.252 netmask 255.255.248.0 vlan 255 vlandev em1 up"
ifconfig_carp255="up 10.1.7.254 netmask 255.255.248.0 vhid 6 advskew 100 "

#Mechanikos
ifconfig_vlan256="inet 10.10.7.252 netmask 255.255.248.0 vlan 256 vlandev em1 up"
ifconfig_carp256="up 10.10.7.254 netmask 255.255.248.0 vhid 7 advskew 100"

#Elektros?
ifconfig_vlan257="inet 10.5.7.252 netmask 255.255.248.0 vlan 257 vlandev em1 up"
ifconfig_carp257="up 10.5.7.254 netmask 255.255.248.0 vhid 8 advskew 100 "

#Ekonomikos ir vadybos
ifconfig_vlan258="inet 10.3.7.252 netmask 255.255.248.0 vlan 258 vlandev em1 up"
ifconfig_carp258="up 10.3.7.254 netmask 255.255.248.0 vhid 9 advskew 100 "

#Humanitariniu
ifconfig_vlan259="inet 10.9.7.252 netmask 255.255.248.0 vlan 259 vlandev em1 up"
ifconfig_carp259="up 10.9.7.254 netmask 255.255.248.0 vhid 10 advskew 100 "

#Europos
ifconfig_vlan260="inet 10.13.7.252 netmask 255.255.248.0 vlan 260 vlandev em1 up"
ifconfig_carp260="up 10.13.7.254 netmask 255.255.248.0 vhid 11 advskew 100"

#Telekomunikaciju
ifconfig_vlan261="inet 10.7.7.252 netmask 255.255.248.0 vlan 261 vlandev em1 up"
ifconfig_carp261="up 10.7.7.254 netmask 255.255.248.0 vhid 12 advskew 100"

#Serverynas
ifconfig_vlan262="inet 10.0.7.252 netmask 255.255.248.0 vlan 262 vlandev em1 up"
ifconfig_carp262="up 10.0.7.254 netmask 255.255.248.0 vhid 13 advskew 0 "

#Socialiniu
ifconfig_vlan263="inet 10.11.7.252 netmask 255.255.248.0 vlan 263 vlandev em1 up"
ifconfig_carp263="up 10.11.7.254 netmask 255.255.248.0 vhid 14 advskew 100"

#Informatikos
ifconfig_vlan264="inet 10.6.7.252 netmask 255.255.248.0 vlan 264 vlandev em1 up"
ifconfig_carp264="up 10.6.7.254 netmask 255.255.248.0 vhid 15 advskew 100 "
#ifconfig_carp265="up 10.6.7.254 netmask 255.255.248.0 vhid 16 "

#AD Serveris
ifconfig_vlan265="inet 10.255.0.252 netmask 255.255.248.0 vlan 265 vlandev em1 up"
ifconfig_carp265="up 10.255.0.254 netmask 255.255.248.0 vhid 16 advskew 100"


ifconfig_em2="inet 172.16.0.1 netmask 255.255.255.0"
ifconfig_carp4="up 172.16.0.200 netmask 255.255.255.0 vhid 100"
ifconfig_pfsync0="up syncif em2"

usbd_enable="YES"
pf_enable="YES"
gateway_enable="YES"
pf_rules="/etc/pf.conf"
pf_flags=""
pflog_enable="YES"
pflog_logfile="/var/log/pflog"
pflog_flags=""
sshd_enable="YES"
ntpd_enable="YES"

>How-To-Repeat:
Set the state limit in pf.conf to 100000 or something like that.
>Fix:
not known

>Release-Note:
>Audit-Trail:
>Unformatted:

More information about the freebsd-bugs mailing list