Public bug reported:

The default xfrm4_gc_thresh (and xfrm6_gc_thresh) value is currently
32k, but in systems with > 16 cpus, this will (eventually) cause
failures when ipsec uses too many dst objects.  As xfrm doesn't actually
manage its dst objects, the flowcache does, this parameter doesn't
actually control xfrm dst gc, it only causes failures when exceeded.
Thus is should simply be set to INT_MAX.

Upstream commit that fixes this is

** Affects: linux (Ubuntu)
     Importance: Undecided
     Assignee: Dan Streetman (ddstreet)
         Status: Incomplete

** Changed in: linux (Ubuntu)
     Assignee: (unassigned) => Dan Streetman (ddstreet)

You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

  xfrm4_gc_thresh should default to INT_MAX

To manage notifications about this bug go to:

ubuntu-bugs mailing list

Reply via email to