bugzilla-daemon@netfilter.org
2003-Feb-03 15:16 UTC
[Bug 40] New: system hangs, Availability problems, maybe conntrack bug, possible reason here.
https://bugzilla.netfilter.org/cgi-bin/bugzilla/show_bug.cgi?id=40 Summary: system hangs, Availability problems, maybe conntrack bug, possible reason here. Product: netfilter/iptables Version: linux-2.4.x Platform: i386 OS/Version: RedHat Linux Status: NEW Severity: critical Priority: P2 Component: connection tracking AssignedTo: laforge@netfilter.org ReportedBy: luismi@b2bi.es CC: netfilter-buglog@lists.netfilter.org Here is the copy of the emails: From: "Jeroen Hendriks" <jeroen@e-factory.nl> To: <vlan@Scry.WANfear.com> Subject: Re: [VLAN] Availability problems Date: Fri, 24 Jan 2003 18:55:11 +0100 Hi, This could be a problem with the ip_conntrack module. I had simular problems on a vlan routing box with a 2.4.16 kernel. When the bandwidth use was above 70Mbit on the 3com Gbit card for about 30/40 minutes the box went down. (no messages on the console and logs.) After removing the connection tracking module the problem was solved. Jeroen ----- Original Message ----- From: "Luis Miguel Cruz Miranda" <luismi@b2bi.es> To: <vlan@Scry.WANfear.com> Sent: Friday, January 24, 2003 1:09 PM Subject: [VLAN] Availability problems> Hi all, > > I have a linux router using vlan patch at layer3. > All nics into the box are 3Com except 1 one them which is based on realtek > chipset. > The status are.... > > [root@fw-inet1 proc]# mii-diag eth0 > Basic registers of MII PHY #24: 3000 782d 0040 6176 05e1 0021 0000 0000. > Basic mode control register 0x3000: Auto-negotiation enabled. > You have link beat, and everything is working OK. > Your link partner is generating 10baseT link beat (no autonegotiation). > [root@fw-inet1 proc]# mii-diag eth1 > Basic registers of MII PHY #24: 3000 782d 0040 6176 05e1 45e1 0003 0000. > Basic mode control register 0x3000: Auto-negotiation enabled. > You have link beat, and everything is working OK. > Your link partner advertised 45e1: Flow-control 100baseTx-FD 100baseTx > 10baseT-FD 10baseT, w/ 802.3X flow control. > [root@fw-inet1 proc]# mii-diag eth2 > Basic registers of MII PHY #24: 3000 786d 0000 0000 01e1 45e1 0007 2801. > Basic mode control register 0x3000: Auto-negotiation enabled. > You have link beat, and everything is working OK. > Your link partner advertised 45e1: Flow-control 100baseTx-FD 100baseTx > 10baseT-FD 10baseT, w/ 802.3X flow control. > [root@fw-inet1 proc]# mii-diag eth3 > Basic registers of MII PHY #24: 3000 786d 0000 0000 01e1 0020 0004 2001. > Basic mode control register 0x3000: Auto-negotiation enabled. > You have link beat, and everything is working OK. > Your link partner is generating 10baseT link beat (no autonegotiation). > > This box is controlling an ATM link, and 2 Frame Relays without any cpuload.> I also do ip filtering and advanced traffice control with iproute and tc. > The lsmod shows... > > [root@fw-inet1 proc]# lsmod > Module Size Used by Not tainted > ipt_REJECT 3552 2 (autoclean) > ip_conntrack_ftp 4576 0 (unused) > ip_nat_ftp 3872 0 (unused) > 8021q 15176 3 > ne2k-pci 6240 1 > 8390 7812 0 [ne2k-pci] > 3c59x 28008 4 > ipt_multiport 1184 52 (autoclean) > ipt_LOG 4160 18 (autoclean) > ipt_limit 1568 13 (autoclean) > ipt_state 1088 20 (autoclean) > iptable_mangle 2688 0 (autoclean) (unused) > iptable_nat 18484 2 (autoclean) [ip_nat_ftp] > ip_conntrack 19596 3 (autoclean) [ip_conntrack_ftp ip_nat_ftp > ipt_state iptable_nat] > iptable_filter 2368 1 (autoclean) > ip_tables 13440 10 [ipt_REJECT ipt_multiport ipt_LOG > ipt_limit ipt_state iptable_mangle iptable_nat iptable_filter] > > We experienced some availability problems last days, the box hangs without > any reason, I checked the logs without results, the console don't showsany> kernel panic or similar. The only way to get it running again is makin a > hard reboot. > The CPU is a P3 600Mhz and 128Mb of RAM. There is no problems with diskspace.> > I would like to know if someone has the same problems there. > > Thanks. >------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.