[Bug 233867] pf: Long freezes on NAT port exhaustion
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Sat Dec 8 14:57:13 UTC 2018
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=233867
Kristof Provost <kp at freebsd.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
See Also| |https://bugs.freebsd.org/bu
| |gzilla/show_bug.cgi?id=1840
| |03
Status|New |Open
--- Comment #2 from Kristof Provost <kp at freebsd.org> ---
The system loses network connectivity when it can't find a free source port in
pf_get_sport(). It keeps calling pf_map_addr(), trying to get a new IP to check
for available ports.
I believe this problem was introduced by the patch in PR# 184003.
Note that we're running NAT with PF_POOL_STICKYADDR, so we find a src_node, and
the early return is taken. This means we always return the same IP, and loop
through the available ports in pf_get_sport() again and again. This loop
continues until a state times out, and we do find a free port.
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-bugs
mailing list