UDP LOR with the latest RELENG_7
Jeremy Chadwick
koitsu at FreeBSD.org
Fri Oct 10 08:21:20 PDT 2008
On Fri, Oct 10, 2008 at 06:11:25PM +0300, Vlad GALU wrote:
> On Fri, Oct 10, 2008 at 5:57 PM, Mike Tancsa <mike at sentex.net> wrote:
> > At 08:40 AM 10/10/2008, Vlad GALU wrote:
> >>
> >> As my kernel had started to lock up periodically and I don't have
> >> hands-on access to that machine, I enabled WITNESS.
> >> So these started to pop up:
> >
> > Is this with a stock kernel and sysctl settings ? Or do you have any custom
> > kernel options ?
>
> Jeremy pointed to a possible culprit - running csup again brought
> uipc_usrreq.c to version 1.206.2.5. I'm rebuilding a new kernel with
> this revision as I type and I'll see how it goes. I'm attaching the
> sysctl.conf below just to be safe:
I remember LORs pertaining to UDP being discussed recently.
Possibly relevant threads:
http://lists.freebsd.org/pipermail/freebsd-stable/2008-September/thread.html#45020
http://lists.freebsd.org/pipermail/freebsd-stable/2008-September/thread.html#45109
http://lists.freebsd.org/pipermail/freebsd-stable/2008-September/thread.html#45193
http://lists.freebsd.org/pipermail/freebsd-stable/2008-September/thread.html#45231
The last one is rwatson's fix, and confirmation from a couple people
that it fixes their issues.
> -- cut here --
> kern.ipc.maxsockets=32768
> kern.ipc.nmbclusters=65536
> kern.ipc.shmall=134217728
> kern.ipc.shmmax=134217728
> kern.logsigexit=0
> kern.maxfiles=131072
> kern.maxfilesperproc=32768
> kern.randompid=100
> kern.random.sys.harvest.swi=1
> kern.securelevel=-1
> net.bpf.bufsize=1048576
> net.bpf.maxbufsize=1048576
> net.inet.icmp.drop_redirect=1
> net.inet.icmp.icmplim=20
> net.inet.icmp.icmplim_output=0
> net.inet.icmp.maskrepl=0
> net.inet.icmp.reply_from_interface=1
> net.inet.ip.check_interface=0
> net.inet.ip.forwarding=1
> net.inet.ip.fastforwarding=1
> net.inet.ip.process_options=0
> net.inet.ip.random_id=0 # scrubbing with pf
> net.inet.ip.redirect=0
> net.inet.ip.stealth=1
> net.inet.tcp.always_keepalive=1
> net.inet.tcp.blackhole=2
> net.inet.tcp.delayed_ack=1
> net.inet.tcp.drop_synfin=1
> net.inet.tcp.log_in_vain=0
> net.inet.tcp.recvspace=32768
> net.inet.tcp.rfc1323=1
> net.inet.tcp.rfc3042=1
> net.inet.tcp.rfc3390=1
> net.inet.tcp.sack.enable=1
> net.inet.tcp.sendspace=32768
> net.inet.tcp.syncookies=0
> net.inet.udp.blackhole=1
> net.inet.udp.log_in_vain=0
> net.link.ether.inet.max_age=1200
> security.bsd.conservative_signals=1
> security.bsd.hardlink_check_gid=0
> security.bsd.hardlink_check_uid=1
> security.bsd.see_other_gids=0
> security.bsd.see_other_uids=0
> security.bsd.suser_enabled=1
> security.bsd.unprivileged_get_quota=0
> security.bsd.unprivileged_proc_debug=0
> security.bsd.unprivileged_read_msgbuf=0
> security.jail.allow_raw_sockets=0
> security.jail.set_hostname_allowed=0
> security.jail.socket_unixiproute_only=1
> security.jail.sysvipc_allowed=0
> security.mac.seeotheruids.enabled=1
> security.mac.seeotheruids.specificgid_enabled=1
> security.mac.seeotheruids.specificgid=0
> vfs.hirunningspace=33554432
> vfs.read_max=16
> vfs.ufs.dirhash_maxmem=8388608
> -- and here --
Good grief, we could spend 2 years debugging just the sysctl.conf
pieces... :-)
--
| Jeremy Chadwick jdc at parodius.com |
| Parodius Networking http://www.parodius.com/ |
| UNIX Systems Administrator Mountain View, CA, USA |
| Making life hard for others since 1977. PGP: 4BD6C0CB |
More information about the freebsd-stable
mailing list