ok, we have multiple issues here. * Christophe Rioux <[EMAIL PROTECTED]> [2008-10-07 13:15]: > Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg > Idle > ... > pfrktable 1240 5434 5 4434 334 0 334 334 0 334 > 0 > ... > The rest seems to be OK.
the 5 failed requests probably map to the error you see. the pfrktable pool has no hard limit. it looks like you simply request more memory in one chunk than available in the pool at that time, and the backend allocator doesn't get to run at that point. I'm not entirely sure why the allocator doesn't run in that context, will find out. > I try to increase the memory for the table in pf.conf > set limit tables 10000 # default 1000 > But nothing is changed. there is no button you can push to fix this. > > # pfctl -f pf.conf > > pfctl: failed to create table __automatic_e11ee055_282 in : > > Cannot allocate memory so the ruleset optiomizer optimized a large list of addresses into a table for you. then allocating memory for that table failed. > > pfctl in free(): error: chunk is already free that should not happen either... I don't see where this is coming from tho. if you can reproduce this problem at will, please build a pfctl with debug symols (cd /usr/src/sbin/pfctl; make clean; DEBUG=-g make) and run it under gdb (gdb /usr/src/sbin/pfctl/obj/pfctl, on the gdb prompt "run -f /etc/pf.conf" and when it dies type "bt" and send me the entire output from starting gdb to the end of the trace to henning@) > > Somebody an idea ? only a stupid workaround for the moment... "set optimization none" -- Henning Brauer, [EMAIL PROTECTED], [EMAIL PROTECTED] BS Web Services, http://bsws.de Full-Service ISP - Secure Hosting, Mail and DNS Services Dedicated Servers, Rootservers, Application Hosting - Hamburg & Amsterdam
