I strongly recommend to read this
http://undeadly.org/cgi?action=article&sid=20060927091645
On 11 jun 2013, at 23:27, mxb <m...@alumni.chalmers.se> wrote:
>
> Now, you see:
>
>> current entries 9980
>
> but
>> states hard limit 10000
>
>
> You machine was unable to insert states at some point.
> This indicated by
>> memory 79166
>
>
> Solution: Increase hard limit.
>
>
> On 11 jun 2013, at 22:59, Jason Wong <wong.jaso...@yahoo.com> wrote:
>
>> Here's the output from "netstat -m" , "pfctl -si" and "pfctl -sm".
>>
>> I was just noticing that the state table current entries is enormous for
some reason.
>>
>> # pfctl -si
>> Status: Enabled for 4 days 02:15:03 Debug: err
>>
>> State Table Total Rate
>> current entries 9980
>> searches 16096602 45.5/s
>> inserts 1069156 3.0/s
>> removals 1059176 3.0/s
>> Counters
>> match 259655 0.7/s
>> bad-offset 0 0.0/s
>> fragment 0 0.0/s
>> short 0 0.0/s
>> normalize 0 0.0/s
>> memory 79166 0.2/s
>> bad-timestamp 0 0.0/s
>> congestion 0 0.0/s
>> ip-option 376 0.0/s
>> proto-cksum 0 0.0/s
>> state-mismatch 18 0.0/s
>> state-insert 0 0.0/s
>> state-limit 0 0.0/s
>> src-limit 13 0.0/s
>> synproxy 0 0.0/s
>>
>> # pfctl -sm
>> states hard limit 10000
>> src-nodes hard limit 10000
>> frags hard limit 1536
>> tables hard limit 1000
>> table-entries hard limit 200000
>>
>> # netstat -m
>> 67 mbufs in use:
>> 55 mbufs allocated to data
>> 2 mbufs allocated to packet headers
>> 10 mbufs allocated to socket names and addresses
>> 53/138/6144 mbuf 2048 byte clusters in use (current/peak/max)
>> 0/8/6144 mbuf 4096 byte clusters in use (current/peak/max)
>> 0/8/6144 mbuf 8192 byte clusters in use (current/peak/max)
>> 0/8/6144 mbuf 9216 byte clusters in use (current/peak/max)
>> 0/8/6144 mbuf 12288 byte clusters in use (current/peak/max)
>> 0/8/6144 mbuf 16384 byte clusters in use (current/peak/max)
>> 0/8/6144 mbuf 65536 byte clusters in use (current/peak/max)
>> 556 Kbytes allocated to network (22% in use)
>> 0 requests for memory denied
>> 0 requests for memory delayed
>> 0 calls to protocol drain routines
>>
>>
>>
>>
>> From: mxb <m...@alumni.chalmers.se>
>> To: Jason Wong <wong.jaso...@yahoo.com>
>> Cc: "misc@openbsd.org" <misc@openbsd.org>
>> Sent: Tuesday, June 11, 2013 4:40 PM
>> Subject: Re: intermittent network failures with openbsd 5.3
>>
>>
>> Can you, please, send output from "netstat -m" , "pfctl -si" and "pfctl
-sm".
>>
>> On 10 jun 2013, at 23:20, Jason Wong <wong.jaso...@yahoo.com> wrote:
>>
>> > Been having some strange issues with a system recently upgraded to 5.3.
>> > Previously this computer was running OpenBSD 5.1, and was rock solid
with
>> > close to a year of uptime.
>> >
>> > I went through the regular upgrade procedure
>> > (booting from a 5.3 CD), and sysmerge, no problems reported during the
>> > upgrade.
>> >
>> >
>> > After the system has been running for a couple days, it stops
>> > responding to network traffic in or out. Some kind of weird routing issue
is
>> > occurring, even affecting localhost:
>> >
>> > # ping localhost
>> > PING localhost
>> > (127.0.0.1): 56 data bytes
>> > ping: sendto: No route to host
>> > ping: wrote
>> > localhost 64 chars, ret=-1
>> > --- localhost ping statistics ---
>> > 1 packets
>> > transmitted, 0 packets received, 100.0% packet loss
>> >
>> > After a few hours,
>> > everything returns to normal.
>> >
>> > The system is dual-core, so I tried both single
>> > & multiprocessor kernels to rule that out, but no luck. I've tried with
the
>> > 5.3-stable kernel, and the 5.3-release kernel, but the problem occurs
with
>> > both. I haven't tried 5.3-current yet.
>> >
>> > The dmesg is below. The system is
>> > lightly loaded, it is running a squid web proxy, dhcp server and arpwatch
on
>> > different interfaces.
>> >
>> > There isn't anything in the logs, aside from network
>> > failures like
>> >
>> > Jun 10 12:45:33 hostname ntpd[21828]: bad peer from pool
>> > pool.ntp.org (192.95.61.224)
>> > Jun 10 12:45:33 hostname ntpd[21828]: bad peer
>> > from pool pool.ntp.org (192.75.12.11)
>> >
>> > I'm really stumped with this one. Any
>> > suggestions?
>> >
>> >
>> > Thanks.
>> >
>> >
>> > OpenBSD 5.3 (GENERIC) #50: Tue Mar 12 18:35:23 MDT
>> > 2013
>> > dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC
>> > cpu0:
>> > Intel(R) Pentium(R) 4 CPU 3.40GHz ("GenuineIntel" 686-class) 3.40 GHz
>> > cpu0:
>> >
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS
>> >
H,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,NXE,LONG,SSE3,DTES64,MWAIT,DS-CPL,E
>> > ST,CNXT-ID,CX16,xTPR,LAHF,PERF
>> > real mem = 2137088000 (2038MB)
>> > avail mem =
>> > 2091192320 (1994MB)
>> > mainbus0 at root
>> > bios0 at mainbus0: AT/286+ BIOS, date
>> > 07/12/06, BIOS32 rev. 0 @ 0xffe90, SMBIOS rev. 2.3 @ 0xf0450 (73
entries)
>> > bios0: vendor Dell Inc. version "A08" date 07/12/2006
>> > bios0: Dell Inc.
>> > OptiPlex GX620
>> > acpi0 at bios0: rev 2
>> > acpi0: sleep states S0 S1 S3 S4 S5
>> > acpi0:
>> > tables DSDT FACP SSDT APIC BOOT ASF! MCFG HPET
>> > acpi0: wakeup devices VBTN(S4)
>> > PCI0(S5) PCI4(S5) PCI2(S5) PCI3(S5) PCI1(S5) PCI5(S5) PCI6(S5) MOU_(S3)
>> > USB0(S3) USB1(S3) USB2(S3) USB3(S3)
>> > acpitimer0 at acpi0: 3579545 Hz, 24 bits
>> > acpimadt0 at acpi0 addr 0xfee00000: PC-AT compat
>> > cpu0 at mainbus0: apid 0
>> > (boot processor)
>> > cpu0: apic clock running at 199MHz
>> > cpu at mainbus0: not
>> > configured
>> > ioapic0 at mainbus0: apid 8 pa 0xfec00000, version 20, 24 pins
>> > ioapic0: misconfigured as apic 0, remapped to apid 8
>> > acpimcfg0 at acpi0 addr
>> > 0xf0000000, bus 0-63
>> > acpihpet0 at acpi0: 14318179 Hz
>> > acpiprt0 at acpi0: bus 4
>> > (PCI4)
>> > acpiprt1 at acpi0: bus 2 (PCI2)
>> > acpiprt2 at acpi0: bus 3 (PCI3)
>> > acpiprt3 at acpi0: bus 1 (PCI1)
>> > acpiprt4 at acpi0: bus -1 (PCI5)
>> > acpiprt5 at
>> > acpi0: bus -1 (PCI6)
>> > acpiprt6 at acpi0: bus 0 (PCI0)
>> > acpicpu0 at acpi0
>> > acpibtn0 at acpi0: VBTN
>> > bios0: ROM list: 0xc0000/0xa800! 0xca800/0x1000
>> > 0xcb800/0x2000! 0xcd800/0x2800
>> > cpu0: Enhanced SpeedStep disabled by BIOS
>> > pci0
>> > at mainbus0 bus 0: configuration mode 1 (bios)
>> > pchb0 at pci0 dev 0 function 0
>> > "Intel 82945G Host" rev 0x02
>> > ppb0 at pci0 dev 1 function 0 "Intel 82945G PCIE"
>> > rev 0x02: apic 8 int 16
>> > pci1 at ppb0 bus 1
>> > em0 at pci1 dev 0 function 0 "Intel
>> > PRO/1000 PT (82571EB)" rev 0x06: apic 8 int 16, address
00:15:17:6f:bc:5c
>> > em1
>> > at pci1 dev 0 function 1 "Intel PRO/1000 PT (82571EB)" rev 0x06: apic 8
int
>> > 17, address 00:15:17:6f:bc:5d
>> > vga1 at pci0 dev 2 function 0 "Intel 82945G
>> > Video" rev 0x02
>> > wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
>> > wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
>> > intagp0 at vga1
>> > agp0 at
>> > intagp0: aperture at 0xe0000000, size 0x10000000
>> > inteldrm0 at vga1: apic 8 int
>> > 16
>> > drm0 at inteldrm0
>> > "Intel 82945G Video" rev 0x02 at pci0 dev 2 function 1
>> > not configured
>> > ppb1 at pci0 dev 28 function 0 "Intel 82801GB PCIE" rev 0x01:
>> > apic 8 int 16
>> > pci2 at ppb1 bus 2
>> > bge0 at pci2 dev 0 function 0 "Broadcom
>> > BCM5751" rev 0x01, BCM5750 A1 (0x4001): apic 8 int 16, address
>> > 00:13:72:98:43:7d
>> > brgphy0 at bge0 phy 1: BCM5750 10/100/1000baseT PHY, rev. 0
>> > ppb2 at pci0 dev 28 function 1 "Intel 82801GB PCIE" rev 0x01: apic 8 int
17
>> > pci3 at ppb2 bus 3
>> > uhci0 at pci0 dev 29 function 0 "Intel 82801GB USB" rev
>> > 0x01: apic 8 int 21
>> > uhci1 at pci0 dev 29 function 1 "Intel 82801GB USB" rev
>> > 0x01: apic 8 int 22
>> > uhci2 at pci0 dev 29 function 2 "Intel 82801GB USB" rev
>> > 0x01: apic 8 int 18
>> > uhci3 at pci0 dev 29 function 3 "Intel 82801GB USB" rev
>> > 0x01: apic 8 int 23
>> > ehci0 at pci0 dev 29 function 7 "Intel 82801GB USB" rev
>> > 0x01: apic 8 int 21
>> > usb0 at ehci0: USB revision 2.0
>> > uhub0 at usb0 "Intel EHCI
>> > root hub" rev 2.00/1.00 addr 1
>> > ppb3 at pci0 dev 30 function 0 "Intel 82801BA
>> > Hub-to-PCI" rev 0xe1
>> > pci4 at ppb3 bus 4
>> > em2 at pci4 dev 0 function 0 "Intel
>> > PRO/1000GT (82541GI)" rev 0x05: apic 8 int 16, address 00:1b:21:2f:a9:35
>> > xl0
>> > at pci4 dev 2 function 0 "3Com 3c905B 100Base-TX" rev 0x30: apic 8 int
18,
>> > address 00:01:02:c8:45:47
>> > exphy0 at xl0 phy 24: 3Com internal media interface
>> > auich0 at pci0 dev 30 function 2 "Intel 82801GB AC97" rev 0x01: apic 8
int 23,
>> > ICH7 AC97
>> > ac97: codec id 0x41445374 (Analog Devices AD1981B)
>> > ac97: codec
>> > features headphone, 20 bit DAC, No 3D Stereo
>> > audio0 at auich0
>> > ichpcib0 at pci0
>> > dev 31 function 0 "Intel 82801GB LPC" rev 0x01: PM disabled
>> > pciide0 at pci0
>> > dev 31 function 1 "Intel 82801GB IDE" rev 0x01: DMA, channel 0 configured
to
>> > compatibility, channel 1 configured to compatibility
>> > atapiscsi0 at pciide0
>> > channel 0 drive 0
>> > scsibus0 at atapiscsi0: 2 targets
>> > cd0 at scsibus0 targ 0 lun
>> > 0: <Optiarc, DVD+-RW ND-3570A, 104B> ATAPI 5/cdrom removable
>> > atapiscsi1 at
>> > pciide0 channel 0 drive 1
>> > scsibus1 at atapiscsi1: 2 targets
>> > cd1 at scsibus1
>> > targ 0 lun 0: <ASUS, CD-S400/A, 2.3S> ATAPI 5/cdrom removable
>> > cd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2
>> > cd1(pciide0:0:1): using
>> > PIO mode 4, Ultra-DMA mode 2
>> > pciide0: channel 1 ignored (disabled)
>> > pciide1 at
>> > pci0 dev 31 function 2 "Intel 82801GB SATA" rev 0x01: DMA, channel 0
>> > configured to native-PCI, channel 1 configured to native-PCI
>> > pciide1: using
>> > apic 8 int 20 for native-PCI interrupt
>> > wd0 at pciide1 channel 0 drive 0:
>> > <ST3160812AS>
>> > wd0: 16-sector PIO, LBA48, 152587MB, 312500000 sectors
>> > wd0(pciide1:0:0): using PIO mode 4, Ultra-DMA mode 6
>> > ichiic0 at pci0 dev 31
>> > function 3 "Intel 82801GB SMBus" rev 0x01: SMI
>> > iic0 at ichiic0
>> > spdmem0 at iic0
>> > addr 0x50: 512MB DDR2 SDRAM non-parity PC2-4200CL5
>> > spdmem1 at iic0 addr 0x51:
>> > 512MB DDR2 SDRAM non-parity PC2-4200CL5
>> > spdmem2 at iic0 addr 0x52: 512MB DDR2
>> > SDRAM non-parity PC2-4200CL5
>> > spdmem3 at iic0 addr 0x53: 512MB DDR2 SDRAM
>> > non-parity PC2-4200CL5
>> > usb1 at uhci0: USB revision 1.0
>> > uhub1 at usb1 "Intel
>> > UHCI root hub" rev 1.00/1.00 addr 1
>> > usb2 at uhci1: USB revision 1.0
>> > uhub2 at
>> > usb2 "Intel UHCI root hub" rev 1.00/1.00 addr 1
>> > usb3 at uhci2: USB revision
>> > 1.0
>> > uhub3 at usb3 "Intel UHCI root hub" rev 1.00/1.00 addr 1
>> > usb4 at uhci3:
>> > USB revision 1.0
>> > uhub4 at usb4 "Intel UHCI root hub" rev 1.00/1.00 addr 1
>> > isa0
>> > at ichpcib0
>> > isadma0 at isa0
>> > com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte
>> > fifo
>> > pckbc0 at isa0 port 0x60/5
>> > pckbd0 at pckbc0 (kbd slot)
>> > pckbc0: using irq
>> > 1 for kbd slot
>> > wskbd0 at pckbd0: console keyboard, using wsdisplay0
>> > pcppi0 at
>> > isa0 port 0x61
>> > spkr0 at pcppi0
>> > lpt0 at isa0 port 0x378/4 irq 7
>> > npx0 at isa0
>> > port 0xf0/16: reported by CPUID; using exception 16
>> > fdc0 at isa0 port 0x3f0/6
>> > irq 6 drq 2
>> > fd0 at fdc0 drive 0: 1.44MB 80 cyl, 2 head, 18 sec
>> > mtrr: Pentium
>> > Pro MTRR support
>> > vscsi0 at root
>> > scsibus2 at vscsi0: 256 targets
>> > softraid0 at
>> > root
>> > scsibus3 at softraid0: 256 targets
>> > root on wd0a (782b3d7fb3f21963.a) swap
>> > on wd0b dump on wd0b
