>>>>> "Lars" == Lars Kotthoff <li...@larsko.org> writes:
Lars> Just to say that I've been having the same problem with a
Lars> Soekris board since about 4.4. I haven't figured out what's
Lars> going on, but strangely the problem is getting better with
Lars> time (i.e. the rate at which mbufs are allocated decreases).

Lars> I *think* that it was fine in 4.3 (though I never run the
Lars> machine for any length of time with that kernel), so you could
Lars> try that if you want to investigate.

Lars> I haven't been able to establish a correlation between
Lars> allocated mbufs and (network) load either.

Lars> The "solution" for me so far has been to keep a watchful eye
Lars> and reboot the machine once too much memory is used, combined
Lars> with a watchdog and monit to reboot the machine automatically
Lars> if it becomes unresponsive.

I've had a similar issue in the past (see PR kernel/6380).

First a small amount of background, I'm using an Alix 3d3 to act as a bridging firewall.

    ISP <--> vr2 <--> Bridge0 + PF <--> vr1 <--> MyHost

With this setup, if PF was enabled, or disabled, I would leak 2k sized mbufs at a roughly linear rate, causing the system to become non-responsive after it could not allocate more mbufs. Raising the limit on mbufs would prolong the hang, and raised high enough the machine would hang when it ran off the end of memory.

I eventually found a way to mitigate this by filtering the MACs seen through the bridge. This isn't a fix to the real problem, just a bandaid that seems to fit. Basically I only allow packets written with the MAC for MyHost on the bridge with the following in /etc/hostname.bridge0:

    add vr2
    add vr1
    rule pass in on vr1 src 88:88:88:88:88:88 tag extbr
    rule pass out on vr1 dst 88:88:88:88:88:88 tag extbr
    rule block on vr1
    up

This keeps my inside machine from having to see the ISP's usual background packets (arp spam, etc). With these filters in place the firewall has been stable and non-leaking for > 100 days.

I don't understand the link between this filtering and the memory leaks that are seen without it (I started to go through the code, but so far RealLife(TM) has kept me from completely getting my head around it).

Anyways, I don't know if this will be at all applicable for what you are seeing, but hopefully it's a nudge in the right direction.

--
Chris