On Tue, Oct 01, 2002 at 09:50:23AM -0700, Lars Eggert wrote:
> Andre Oppermann wrote:
> >
> > In the FreeBSD May-June 2002 Status Report we have announced a natd
> > rewrite to make it's configuration options more powerful and support
> > more ip addresses to nat to.
>
> I haven't had time to look at the new natd yet, but the old one would
> easily get into a state where it ate up 100% of the CPU time (on our
> local ISI network, which has admittedly lots of strange packets on it
> from experiments.)
>
> http://www.freebsd.org/cgi/query-pr.cgi?pr=bin/36183 says it was fixed
> in 4.5, but I've seen it with 4.6 still (not sure if the same reasons
> caused it though.)
The PR you refer to probably has to do with the code looping
on a write on a non-blocking socket in case of a write error.
That has been fixed long ago, but because it was related to
a misunderstanding of write() semantics on sockets (which are
normally non-blocking unless the underlying protocol implements
flow control e.g. TCP), it is not unreasonable that there might
be more instances of the same problem.
Another problem which might be what you are seeing is
the following, which i already reported to Andre:
One common complaint with the old libalias is that
performance tends to trash with time -- this seems to be
due to the very long timeout (24hrs ?) for sessions, coupled
to the fact that newly created sesssions are appended to
the end of the hash chains so over time the lookup times
tend to become larger and larger.
One easy fix to this behaviour is to move to the front of
the hash chain a session descriptor upon a successful lookup.
This keeps fresh sessions near the head of the chain while
stale ones drift towards the end.
according to Andre this has not been addressed in the new
libalias yet.
thanks
luigi
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message
