Re: kern/144917: Flowtable crashes system

[Evgenii Davidov]

Здравствуйте,

On Sat, Mar 20, 2010 at 11:06:35PM +0000, Doychin Dokov пишет:

> >Description:
> It seems like flowtable has been merged and enabled by default in 8.0.... which is a really really bad idea.
> On a system which handles two full BGP tables it makes one of the CPU cores run at 100% right after most of the prefixes get installed in the routing table.

i saw the same effect with ospf

--
Evgenii V Davidov

[Ilya Zhuravlev]

8.0-p2, 2 full-view with openbgpd
"tuning":
net.inet.tcp.blackhole=2
net.inet.udp.blackhole=1
net.inet.icmp.icmplim_output=0
net.inet.icmp.drop_redirect=1
net.inet.flowtable.nmbflows=32768

1 week uptime.Now I think only about increasing tx/rx descriptors to
reduce interrupts (default values was not changed)

netstat -w1 -Iigb0
input (igb0) output
packets errs bytes packets errs bytes colls
49100 0 12290513 23693 0 27268884 0
48322 0 12688283 24332 0 28099404 0
50602 0 12759620 24437 0 27698341 0
47857 0 11354124 21410 0 23845155 0

netstat -w1 -Iigb1
input (igb1) output
packets errs bytes packets errs bytes colls
32428 0 35027019 24562 0 5624934 0
30621 0 33384339 23569 0 4456944 0
28419 0 31014269 21571 0 3638083 0
29409 0 32524760 22137 0 3503600 0
30965 0 33532742 23973 0 5089231 0

netstat -w1 -Iem0
input (em0) output
packets errs bytes packets errs bytes colls
17217 0 3929366 72741 0 46377762 0
17412 0 3745112 75522 0 49338883 0
18385 0 4014568 77444 0 50532101 0
17142 0 3875518 77125 0 47646681 0
16870 0 3528316 73188 0 47940959 0
17069 0 3682891 80268 0 52904747 0
17313 0 4101576 75586 0 51933330 0

[K. Macy]

Please try with the latest 8-STABLE and tell me if recent changes fix it.

Thanks,
Kip

> _______________________________________________
> freeb...@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net...@freebsd.org"
>

[Barney Cordoba]

--- On Fri, 4/2/10, K. Macy <km...@freebsd.org> wrote:

How about telling us how to turn it off; or better yet how to not
compile it into the kernel at all. Thats the best solution.

As my Dad used to say on a regular basis, we need this like we
need a hole in our head. Is 8.0 the Kip Macy personal test bed?

Why is something that virtually no-one needs enabled by default?

Barney

[Vincent Hoffman]

>> bytes colls

I havent followed the whole thread so if this doesnt actally work for
some reason then sorry for noise.

[root@prawn ~]# sysctl -a | grep flowtable
net.inet.ip.output_flowtable_size: 2048
net.inet.flowtable.nmbflows: 4096
net.inet.flowtable.tcp_expire: 86400
net.inet.flowtable.fin_wait_expire: 600
net.inet.flowtable.udp_expire: 300
net.inet.flowtable.syn_expire: 300
net.inet.flowtable.collisions: 0
net.inet.flowtable.max_depth: 0
net.inet.flowtable.free_checks: 8845
net.inet.flowtable.frees: 2181
net.inet.flowtable.misses: 2403
net.inet.flowtable.lookups: 11633
net.inet.flowtable.hits: 9231
net.inet.flowtable.enable: 1
net.inet.flowtable.debug: 0

[root@prawn ~]# sysctl -d net.inet.flowtable.enable
net.inet.flowtable.enable: enable flowtable caching.

[root@prawn ~]# sysctl net.inet.flowtable.enable=0
net.inet.flowtable.enable: 1 -> 0

Vince

[K. Macy]

Hi Vincent,
Thanks for your response. However, the answers to both his questions
have been given many times before and he knows them already. This
person has not made material contributions to discussions and has in
fact made active efforts to reduce the signal to noise ratio.

Cheers,
Kip