Re: kern/132277: [crypto] [ipsec] poor performance using cryptodevice for IPSEC
The following reply was made to PR kern/132277; it has been noted by GNATS. From: Vasile Marii To: bug-follo...@freebsd.org Cc: Subject: Re: kern/132277: [crypto] [ipsec] poor performance using cryptodevice for IPSEC Date: Mon, 16 Mar 2009 11:26:46 +0200 Thanks Patrick. Anyway, that patch solves the problem for glxsb but let's admit that there is still a problem with the OCF interface or OCF itself because on linux geode performs much better: around 90 Mbps. I must insist that there is a problem with the OCF or something because it's not ok to get half a speed on a 100Mbps NIC only because interaction with IP stack(as i think) or interface with OCF is not ok. -- Vasile Marii ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
Current problem reports assigned to freebsd-net@FreeBSD.org
Note: to view an individual PR, use: http://www.freebsd.org/cgi/query-pr.cgi?pr=(number). The following is a listing of current problems submitted by FreeBSD users. These represent problem reports covering all versions including experimental development code and obsolete releases. S Tracker Resp. Description o kern/132672 net[ndis] [panic] ndis with rt2860.sys causes kernel pani o kern/132625 net[iwn] iwn drivers don't support setting country o kern/132554 net[ipl] There is no ippool start script/ipfilter magic t o kern/132354 net[nat] Getting some packages to ipnat(8) causes crash o kern/132342 net[ndis] [patch] incorrect number used in for loop; fix o kern/132285 net[carp] alias gives incorrect hash in dmesg o kern/132277 net[crypto] [ipsec] poor performance using cryptodevice f o conf/132179 net[patch] /etc/network.subr: ipv6 rtsol on incorrect wla o kern/132107 net[carp] carp(4) advskew setting ignored when carp IP us o kern/131781 net[ndis] ndis keeps dropping the link o kern/131776 net[wi] driver fails to init o kern/131753 net[altq] [panic] kernel panic in hfsc_dequeue o bin/131567 net[socket] [patch] Update for regression/sockets/unix_cm o kern/131549 netifconfig(8) can't clear 'monitor' mode on the wireless o kern/131536 net[netinet] [patch] kernel does allow manipulation of su o bin/131365 netroute(8): route add changes interpretation of network o kern/131310 net[panic] 7.1 panics with mpd netgraph interface changes o kern/131162 net[ath] Atheros driver bugginess and kernel crashes o kern/131153 net[iwi] iwi doesn't see a wireless network f kern/131087 net[ipw] [panic] ipw / iwi - no sent/received packets; iw f kern/130820 net[ndis] wpa_supplicant(8) returns 'no space on device' o kern/130628 net[nfs] NFS / rpc.lockd deadlock on 7.1-R o conf/130555 net[rc.d] [patch] No good way to set ipfilter variables a o kern/130525 net[ndis] [panic] 64 bit ar5008 ndisgen-erated driver cau o kern/130311 net[wlan_xauth] [panic] hostapd restart causing kernel pa o bin/130159 net[patch] ppp(8) fails to correctly set routes o kern/130109 net[ipfw] Can not set fib for packets originated from loc f kern/130059 net[panic] Leaking 50k mbufs/hour o kern/129750 net[ath] Atheros AR5006 exits on "cannot map register spa f kern/129719 net[nfs] [panic] Panic during shutdown, tcp_ctloutput: in o kern/129580 net[ndis] Netgear WG311v3 (ndis) causes kenel trap at boo o kern/129517 net[ipsec] [panic] double fault / stack overflow o kern/129508 net[panic] Kernel panic with EtherIP (may be related to S o kern/129352 net[xl] [patch] xl0 watchdog timeout o kern/129219 net[ppp] Kernel panic when using kernel mode ppp o kern/129135 net[vge] vge driver on a VIA mini-ITX not working o bin/128954 netifconfig(8) deletes valid routes o kern/128917 net[wpi] [panic] if_wpi and wpa+tkip causing kernel panic o kern/128884 net[msk] if_msk page fault while in kernel mode o kern/128840 net[igb] page fault under load with igb/LRO o bin/128602 net[an] wpa_supplicant(8) crashes with an(4) o kern/128598 net[bluetooth] WARNING: attempt to net_add_domain(bluetoo o kern/128448 net[nfs] 6.4-RC1 Boot Fails if NFS Hostname cannot be res o conf/128334 net[request] use wpa_cli in the "WPA DHCP" situation o bin/128295 net[patch] ifconfig(8) does not print TOE4 or TOE6 capabi o bin/128001 netwpa_supplicant(8), wlan(4), and wi(4) issues o kern/127928 net[tcp] [patch] TCP bandwidth gets squeezed every time t o kern/127834 net[ixgbe] [patch] wrong error counting o kern/127826 net[iwi] iwi0 driver has reduced performance and connecti o kern/127815 net[gif] [patch] if_gif does not set vlan attributes from o kern/127724 net[rtalloc] rtfree: 0xc5a8f870 has 1 refs f bin/127719 netarp: Segmentation fault (core dumped) s kern/127587 net[bge] [request] if_bge(4) doesn't support BCM576X fami f kern/127528 net[icmp]: icmp socket receives icmp replies not owned by o bin/127192 netrouted(8) removes the secondary alias IP of interface f kern/127145 net[wi]: prism (wi) driver crash at bigger traffic o kern/127102 net[wpi] Intel 3945ABG low throughput o kern/127057 net[udp] Unable to send UDP packet via IPv6 socket to IPv o kern/127050 net[carp] ipv6 does not work on carp interfaces [regressi o kern/126945 net[carp] CARP interface destruction with ifconfig destro o kern/126924 net[an] [patch] printf -> device_printf and simplify prob
Synopsis: process swi1: net, taskq em0 and dummynet gives 100% CPU usage
Synopsis: process swi1: net, taskq em0 and dummynet gives 100% CPU usage Related to http://lists.freebsd.org/pipermail/freebsd-net/2009-February/021120.html Not depending on the conditions (no heavy load, not a lot of traffic passing through, not a lot of ng nodes) server stops to work properly. A: 1) swi1:net gives me 100% CPU usage. 2) server is not responding to icmp echo requests 3) ssh of course not working 4) mpd has an "ngsock" state at the top 5) rebooting the server helps. B: 1) taskq: em0 gives me 100% CPU usage. 2) I have watchdog timeout in my /var/log/messages 3) server is not responding to icmp echo requests 4) ssh of course not working 5) mpd has an "ngsock" state at the top 6) rebooting the server helps. 7) swi1:net is 0% C: 1) dummynet process gives 100% CPU usage. 2) server is not responding to icmp echo requests 3) ssh of course not working 4) mpd has an "ngsock" state at the top 5) rebooting the server helps. I have few servers: INTEL S3200SH with Q8200 or E8600 NICs: 82566DM-2 or 82571EB (em driver) OSes: FreeBSD 7.0-RELEASE-p10, FreeBSD 7.0-RELEASE-p9, FreeBSD 6.4-RELEASE-p3 Soft: mpd 4.4.1, ipfw with dummynet shaping, pf (nat only) PPPoE I'm using only em0 card with about 550 vlans 2000 ng nodes created About 500-700 simultaneous PPPoE sessions in a rush hour. kernel: device bpf # Berkeley packet filter device pf options IPFIREWALL options IPFIREWALL_VERBOSE options IPFIREWALL_FORWARD options IPFIREWALL_VERBOSE_LIMIT=1000 options IPFIREWALL_DEFAULT_TO_ACCEPT options IPDIVERT options DUMMYNET options DEVICE_POLLING options HZ=2000 options NETGRAPH options NETGRAPH_ETHER options NETGRAPH_IFACE options NETGRAPH_SOCKET options NETGRAPH_PPP options NETGRAPH_TCPMSS options NETGRAPH_TEE options NETGRAPH_VJC options NETGRAPH_PPPOE On some servers i have netgraph as modules and polling option commented out. sysctl.conf: net.inet.ip.intr_queue_maxlen=1000 net.inet.tcp.blackhole=2 net.inet.udp.blackhole=1 net.inet.ip.dummynet.hash_size=1024 net.inet.ip.dummynet.io_fast=1 net.inet.ip.fw.one_pass=1 net.inet.ip.fastforwarding=1 net.isr.direct=0 #net.inet.ip.portrange.randomized=0 net.inet.tcp.syncookies=1 kern.ipc.maxsockbuf=1048576 net.graph.maxdgram=524288 net.graph.recvspace=524288 net.inet.ip.portrange.first=1024 net.inet.ip.portrange.last=65535 dev.em.0.rx_int_delay=160 dev.em.0.rx_abs_int_delay=160 dev.em.0.tx_int_delay=160 dev.em.0.tx_abs_int_delay=160 dev.em.0.rx_processing_limit=200 loader.conf: autoboot_delay="2" kern.ipc.maxpipekva=1000 net.graph.maxalloc=2048 hw.em.rxd="512" hw.em.txd="1024" About 30 ipfw rules and 2 rules for shaping: 00300 pipe tablearg ip from any to table(4) out via ng* 00301 pipe tablearg ip from table(5) to any in via ng* I have tested different network cards with different chipsets. With and without lagg0. I had the same problems with Freebsd 7.1-RELEASE-p1/p2. I tried to start servers without em tuning in loader.conf and sysctl.conf. Server uptime differs from one week to two month. I have two another servers with the same hardware, but without using dummynet, netgraph and mpd. There is only quagga + bgp, same chipsets, FreeBSD 7.0-RELEAS-p10. No problems at all. IMHO: problem is somewhere in netgraph. Something is causing an infinite loop. Any ideas? ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
uRPF
Hi everyone, I've implemented RTBH within our network, but I have one small issue. I've got one FreeBSD/Quagga edge router that has an interface which contains a default route out. Although this will change in the next while, at this time, it is preventing me from doing reverse path check, thereby breaking source-based black-holing. It appears to me that IPFW's verrevpath (and it's kin) do not provide the ability to perform the RPF check and allow default. Have there been any advancements in this regard? Am I missing something, or is there another approach to allowing default with reverse path? Regards, Steve ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
Re: IGMP+WiFi panic on recent kernel - in igmp_fasttimo()
The crash that I am seeing (using if_ndis) occurs in igmp_fasttimo...
This patch doesn't fix that, I'll get more info as soon as I can.
On Sat, 2009-03-14 at 14:06 -0700, Sam Leffler wrote:
> This patches avoids the crash. Not sure how ifma_protospec is supposed
> to be handled so I'm not committing it.
>
> Sam
>
> plain text document attachment (mcast.patch)
> Index: in.c
> ===
> --- in.c (revision 189750)
> +++ in.c (working copy)
> @@ -1040,7 +1040,8 @@
>*/
> IF_ADDR_LOCK(ifp);
> TAILQ_FOREACH(ifma, &ifp->if_multiaddrs, ifma_link) {
> - if (ifma->ifma_addr->sa_family != AF_INET)
> + if (ifma->ifma_addr->sa_family != AF_INET ||
> + ifma->ifma_protospec == NULL)
> continue;
> inm = (struct in_multi *)ifma->ifma_protospec;
> LIST_INSERT_HEAD(&purgeinms, inm, inm_link);
> Index: igmp.c
> ===
> --- igmp.c(revision 189750)
> +++ igmp.c(working copy)
> @@ -623,7 +623,8 @@
> if (igi->igi_version == IGMP_VERSION_3) {
> IF_ADDR_LOCK(ifp);
> TAILQ_FOREACH(ifma, &ifp->if_multiaddrs, ifma_link) {
> - if (ifma->ifma_addr->sa_family != AF_INET)
> + if (ifma->ifma_addr->sa_family != AF_INET ||
> + ifma->ifma_protospec == NULL)
> continue;
> inm = (struct in_multi *)ifma->ifma_protospec;
> if (inm->inm_state == IGMP_LEAVING_MEMBER) {
> ___
> freebsd-curr...@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-current
> To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"
--
Coleman Kane
signature.asc
Description: This is a digitally signed message part
Re: IGMP+WiFi panic on recent kernel - in igmp_fasttimo()
It is the same issue but the root cause is unclear. There is much code
that does assumes ifma_protospec might be NULL and checks for it. In my
case (creating a wlan ifnet and then destroying it on eject) the patch
below is sufficient. I don't care to dig right now to understand how
this stuff is supposed to work; it should be clear from comments etc but
the code is lacking.
Sam
Coleman Kane wrote:
The crash that I am seeing (using if_ndis) occurs in igmp_fasttimo...
This patch doesn't fix that, I'll get more info as soon as I can.
On Sat, 2009-03-14 at 14:06 -0700, Sam Leffler wrote:
This patches avoids the crash. Not sure how ifma_protospec is supposed
to be handled so I'm not committing it.
Sam
plain text document attachment (mcast.patch)
Index: in.c
===
--- in.c(revision 189750)
+++ in.c(working copy)
@@ -1040,7 +1040,8 @@
*/
IF_ADDR_LOCK(ifp);
TAILQ_FOREACH(ifma, &ifp->if_multiaddrs, ifma_link) {
- if (ifma->ifma_addr->sa_family != AF_INET)
+ if (ifma->ifma_addr->sa_family != AF_INET ||
+ ifma->ifma_protospec == NULL)
continue;
inm = (struct in_multi *)ifma->ifma_protospec;
LIST_INSERT_HEAD(&purgeinms, inm, inm_link);
Index: igmp.c
===
--- igmp.c (revision 189750)
+++ igmp.c (working copy)
@@ -623,7 +623,8 @@
if (igi->igi_version == IGMP_VERSION_3) {
IF_ADDR_LOCK(ifp);
TAILQ_FOREACH(ifma, &ifp->if_multiaddrs, ifma_link) {
- if (ifma->ifma_addr->sa_family != AF_INET)
+ if (ifma->ifma_addr->sa_family != AF_INET ||
+ ifma->ifma_protospec == NULL)
continue;
inm = (struct in_multi *)ifma->ifma_protospec;
if (inm->inm_state == IGMP_LEAVING_MEMBER) {
___
freebsd-curr...@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"
___
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
Re: kern/132705: [tcp_wrappers] [patch] libwrap - infinite loop if hosts.allow line > 2k
Old Synopsis: libwrap - infinite loop if hosts.allow line > 2k New Synopsis: [tcp_wrappers] [patch] libwrap - infinite loop if hosts.allow line > 2k Responsible-Changed-From-To: freebsd-bugs->freebsd-net Responsible-Changed-By: linimon Responsible-Changed-When: Tue Mar 17 00:34:17 UTC 2009 Responsible-Changed-Why: Over to maintainer(s). http://www.freebsd.org/cgi/query-pr.cgi?pr=132705 ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
Re: kern/132715: [lagg] [panic] Panic when creating vlan's on lagg interface
Old Synopsis: Panic when creating vlan's on lagg interface New Synopsis: [lagg] [panic] Panic when creating vlan's on lagg interface Responsible-Changed-From-To: freebsd-bugs->freebsd-net Responsible-Changed-By: linimon Responsible-Changed-When: Tue Mar 17 02:33:42 UTC 2009 Responsible-Changed-Why: Over to maintainer(s). http://www.freebsd.org/cgi/query-pr.cgi?pr=132715 ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
