Re: PF + BRIDGE + PFSYNC causes system freezing

Giulio Ferro Thu, 18 Mar 2010 13:39:15 -0700

On 18.03.2010 20:35, Max Laier wrote:

Okay ... so it looks like this is a live lock (not a deadlock) and it's
probably caused by relooping packets.  Now we "only" have to find the culprit
for the loop ...


can you share your setup details, again?  The simpler the better.


Ok

> uname -a

FreeBSD firewall-1.acme.com 8.0-STABLE FreeBSD 8.0-STABLE #2: Thu Mar 1815:59:27 CET 2010 r...@acme.com:/usr/obj/usr/src/sys/FIREWALL amd64



> cat /etc/sysctl.conf
net.inet.ip.forwarding=1
net.inet.ip.fastforwarding=1
net.inet.carp.preempt=1

Services running : sshd, named, inetd, ntpd, openvpn (tap), racoon,pptp, asterisk


2 physical interfaces : bce0, bce1
11 vlan interfaces : vlan1, ..., vlan11 (vlandev bce1)
11 carp interfaces ; carp1, ..., carp11  (carp1 has 23 alias addresses)
1 bridge interfaces : bridge0 addm vlan35 (used by openvpn)
2 gif interfaces : gif0, gif1 (racoon / IPSEC)

8 static routes

pf packet filter : 12 rdr rules, 3 nat rules, set skip{lo0, bridge0}, 4pass quick, block log all, about 30 pass keep state




This should be all.
I'm available for any test / patch...


Thanks.
_______________________________________________
freebsd-pf@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "freebsd-pf-unsubscr...@freebsd.org"

Re: PF + BRIDGE + PFSYNC causes system freezing

Reply via email to