On Tue, Feb 28, 2012 at 10:37 PM, Alexander Leidinger <alexan...@leidinger.net> wrote: > Quoting ~Lst <slack...@gmail.com> (from Tue, 28 Feb 2012 16:38:43 +0700): > >> 2012/2/28 Steve Wills <swi...@freebsd.org>: >>> >>> -----BEGIN PGP SIGNED MESSAGE----- >>> Hash: SHA1 >>> >>> On 02/27/12 10:53, Łukasz Wąsikowski wrote: >>>> >>>> W dniu 2012-02-22 23:31, Bjoern A. Zeeb pisze: >>>> >>>>> You cannot ship that on by default for non-tecnical reasons in a >>>>> kernel. Please do not commit a kernel config that can be booted >>>>> (no LINT cannot be booted) with these on without consulting >>>>> appropriate hats upfront. >>>>> >>>>> >>>>>> - ALTQ - SW_WATCHDOG - QUOTA - IPSTEALTH (disabled in >>>>>> loader.conf) - IPFIREWALL_FORWARD (touches every packet, power >>>>>> users which need a bigger PPS but not this feature can >>>>>> recompile the kernel, discussed with julian@) - FLOWTABLE >>>>>> (disabled in loader.conf) >>>>> >>>>> Which is not the same as it's not 100% disabled and will still >>>>> allocate memory. >>>> >>>> >>>> FLOWTABLE on 8.x crashed BGP routers (kern/144917). I don't know if >>>> it is fixed by now, but this kind of potential problematic features >>>> should not be enabled by default. >>>> >>> >>> Agree, I've run into problems with FLOWTABLE (with just the features >>> that were enabled by default in 8.0) when routers changed MAC >>> addresses. As far as I understand it, FLOWTABLE is both broken and >>> abandoned (but if I'm wrong, please let me know). >>> >>> So, IMHO, not only should it not be enabled by default, but given that >>> it was disabled complete in 8.x after 8.0 (too lazy to look at exactly >>> when right now), I think it shouldn't even be included, since that >>> might encourage users to try it out only to encounter problems with it. >>> >>> Steve >>> >> >> Definitely yes, I'd some problems too with FLOWTABLE running for router. >> So I have to disabled in kernel and sysctl. > > > To make sure I understand you correctly: Did you disabled it with the > sysctl/loader-tunable and everything was OK again, or did you had to remove > it from the kernel config (disabling via sysctl was not enough) to resolve > the issue? > > I have one report where a person has issue with FLOWTABLE, but disabling it > via the sysctl/loader-tunable was enough to address his concerns. > > Bye, > Alexander. >
I had to remove it from the kernel config and in my cased disabling via sysctl was not enough to resolve the issue Rgds, -- Lasta Yani _______________________________________________ freebsd-current@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"
