Giulio Ferro
Thu, 18 Mar 2010 13:38:41 -0700
On 18.03.2010 20:35, Max Laier wrote:
Okay ... so it looks like this is a live lock (not a deadlock) and it's probably caused by relooping packets. Now we "only" have to find the culprit for the loop ... can you share your setup details, again? The simpler the better.
Ok > uname -aFreeBSD firewall-1.acme.com 8.0-STABLE FreeBSD 8.0-STABLE #2: Thu Mar 18 15:59:27 CET 2010 r...@acme.com:/usr/obj/usr/src/sys/FIREWALL amd64
> cat /etc/sysctl.conf net.inet.ip.forwarding=1 net.inet.ip.fastforwarding=1 net.inet.carp.preempt=1Services running : sshd, named, inetd, ntpd, openvpn (tap), racoon, pptp, asterisk
2 physical interfaces : bce0, bce1 11 vlan interfaces : vlan1, ..., vlan11 (vlandev bce1) 11 carp interfaces ; carp1, ..., carp11 (carp1 has 23 alias addresses) 1 bridge interfaces : bridge0 addm vlan35 (used by openvpn) 2 gif interfaces : gif0, gif1 (racoon / IPSEC) 8 static routespf packet filter : 12 rdr rules, 3 nat rules, set skip{lo0, bridge0}, 4 pass quick, block log all, about 30 pass keep state
This should be all. I'm available for any test / patch... Thanks. _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"