Months ago I reported a system freezing whenever bridge was used with pf. This still happens now in 8.1 prerelease: after several minutes to hours that the bridge is active the system becomes unresponsive. # uname -a FreeBSD firewall1 8.1-PRERELEASE FreeBSD 8.1-PRERELEASE #0: Thu May 27 18:03:48 CEST 2010 root@data1:/usr/obj/usr/src/sys/FIREWALL amd64> cat /etc/sysctl.confnet.inet.ip.forwarding=1 net.inet.ip.fastforwarding=1 net.inet.carp.preempt=1 Services running : sshd, named, inetd, ntpd, openvpn (tap), racoon, pptp, asterisk 2 physical interfaces : bce0, bce1 11 vlan interfaces : vlan1, ..., vlan11 (vlandev bce1) 11 carp interfaces ; carp1, ..., carp11 (carp1 has 23 alias addresses) 1 bridge interfaces : bridge0 addm vlan35 (used by openvpn) 2 gif interfaces : gif0, gif1 (racoon / IPSEC) 8 static routes pf packet filter : 12 rdr rules, 3 nat rules, set skip{lo0, bridge0, vlan35}, 4 pass quick, block log all, about 30 pass keep state When the system freezes, I get this from the debugger --------------------------------------------------------------------- db> show allchains db> show alllocks Process 12 (intr) thread 0xffffff00024293e0 (100028) exclusive sleep mutex if_bridge (if_bridge) r = 0 (0xffffff000270ea18) locked @ /usr/src/sys/net/if_bridge.c:2184 Process 12 (intr) thread 0xffffff00022693e0 (100016) exclusive sleep mutex Giant (Giant) r = 1 (0xffffffff80c93dc0) locked @ /usr/src/sys/dev/usb/usb_transfer.c:3023 Process 12 (intr) thread 0xffffff00022607c0 (1000006) exclusive sleep mutex carp_if (carp_if) r = 0 (0xffffff00027329e0) locked @ /usr/src/sys/netinet/ip_carp.c:881 db> --------------------------------------------------------------------- Even if there is no solution yet, is there any quick and dirty workaround I can try? I need this rather badly... Thanks.
On 28.05.2010 07:46, Giulio Ferro wrote: I've also tried to disable all filtering: net.link.bridge.pfil_onlyip=0 net.link.bridge.pfil_member=0 net.link.bridge.pfil_bridge=0 net.link.bridge.pfil_local_phys=0 net.link.bridge.ipfw=0 net.link.bridge.ipfw_arp=0 But to no avail. It always freezes...> Months ago I reported a system freezing whenever bridge was used > with pf. This still happens now in 8.1 prerelease: after several > minutes to hours > that the bridge is active the system becomes unresponsive. > > # uname -a > FreeBSD firewall1 8.1-PRERELEASE FreeBSD 8.1-PRERELEASE #0: Thu May 27 > 18:03:48 CEST 2010 root@data1:/usr/obj/usr/src/sys/FIREWALL amd64 > >> cat /etc/sysctl.conf > net.inet.ip.forwarding=1 > net.inet.ip.fastforwarding=1 > net.inet.carp.preempt=1 > > Services running : sshd, named, inetd, ntpd, openvpn (tap), racoon, > pptp, asterisk > > 2 physical interfaces : bce0, bce1 > 11 vlan interfaces : vlan1, ..., vlan11 (vlandev bce1) > 11 carp interfaces ; carp1, ..., carp11 (carp1 has 23 alias addresses) > 1 bridge interfaces : bridge0 addm vlan35 (used by openvpn) > 2 gif interfaces : gif0, gif1 (racoon / IPSEC) > > 8 static routes > > pf packet filter : 12 rdr rules, 3 nat rules, set skip{lo0, bridge0, > vlan35}, 4 pass quick, block log all, about 30 pass keep state > > > > When the system freezes, I get this from the debugger > --------------------------------------------------------------------- > db> show allchains > db> show alllocks > Process 12 (intr) thread 0xffffff00024293e0 (100028) > exclusive sleep mutex if_bridge (if_bridge) r = 0 (0xffffff000270ea18) > locked @ /usr/src/sys/net/if_bridge.c:2184 > Process 12 (intr) thread 0xffffff00022693e0 (100016) > exclusive sleep mutex Giant (Giant) r = 1 (0xffffffff80c93dc0) locked > @ /usr/src/sys/dev/usb/usb_transfer.c:3023 > Process 12 (intr) thread 0xffffff00022607c0 (1000006) > exclusive sleep mutex carp_if (carp_if) r = 0 (0xffffff00027329e0) > locked @ /usr/src/sys/netinet/ip_carp.c:881 > db> > --------------------------------------------------------------------- > > Even if there is no solution yet, is there any quick and dirty > workaround I can try? > I need this rather badly... > > Thanks. > > _______________________________________________ > freebsd-stable@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org"
On 28.05.2010 07:46, Giulio Ferro wrote: Would it be a good idea to try netgraph bridge? Or the underlying implementation is the same as in if_bridge?> Months ago I reported a system freezing whenever bridge was used > with pf. This still happens now in 8.1 prerelease: after several > minutes to hours > that the bridge is active the system becomes unresponsive. > > # uname -a > FreeBSD firewall1 8.1-PRERELEASE FreeBSD 8.1-PRERELEASE #0: Thu May 27 > 18:03:48 CEST 2010 root@data1:/usr/obj/usr/src/sys/FIREWALL amd64 > >> cat /etc/sysctl.conf > net.inet.ip.forwarding=1 > net.inet.ip.fastforwarding=1 > net.inet.carp.preempt=1 > > Services running : sshd, named, inetd, ntpd, openvpn (tap), racoon, > pptp, asterisk > > 2 physical interfaces : bce0, bce1 > 11 vlan interfaces : vlan1, ..., vlan11 (vlandev bce1) > 11 carp interfaces ; carp1, ..., carp11 (carp1 has 23 alias addresses) > 1 bridge interfaces : bridge0 addm vlan35 (used by openvpn) > 2 gif interfaces : gif0, gif1 (racoon / IPSEC) > > 8 static routes > > pf packet filter : 12 rdr rules, 3 nat rules, set skip{lo0, bridge0, > vlan35}, 4 pass quick, block log all, about 30 pass keep state > > > > When the system freezes, I get this from the debugger > --------------------------------------------------------------------- > db> show allchains > db> show alllocks > Process 12 (intr) thread 0xffffff00024293e0 (100028) > exclusive sleep mutex if_bridge (if_bridge) r = 0 (0xffffff000270ea18) > locked @ /usr/src/sys/net/if_bridge.c:2184 > Process 12 (intr) thread 0xffffff00022693e0 (100016) > exclusive sleep mutex Giant (Giant) r = 1 (0xffffffff80c93dc0) locked > @ /usr/src/sys/dev/usb/usb_transfer.c:3023 > Process 12 (intr) thread 0xffffff00022607c0 (1000006) > exclusive sleep mutex carp_if (carp_if) r = 0 (0xffffff00027329e0) > locked @ /usr/src/sys/netinet/ip_carp.c:881 > db> > --------------------------------------------------------------------- > > Even if there is no solution yet, is there any quick and dirty > workaround I can try? > I need this rather badly... > > Thanks. > > _______________________________________________ > freebsd-stable@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org"
Hmm, I wonder if possible culprit is this:>> Process 12 (intr) thread 0xffffff00022693e0 (100016) >> exclusive sleep mutex Giant (Giant) r = 1 (0xffffffff80c93dc0) >> locked @ /usr/src/sys/dev/usb/usb_transfer.c:3023Is the usb device used as main harddrive for the system, and have you tried other usb device or installation target media like real harddrive or livecd? -Reko
On Friday 28 May 2010 07:46:07 Giulio Ferro wrote:> Months ago I reported a system freezing whenever bridge was used > with pf. This still happens now in 8.1 prerelease: after several minutes > to hours > that the bridge is active the system becomes unresponsive.as I told you last time your reported this problem: you need to simplify your setup in order to track down the problem. For all I know, you have created a routing or ethernet loop that is the cause of your problems. Unless you can provide a simple setup that can be reproduced, you have to track down the issue yourself - sorry. Max
On 5/28/10 3:54 AM, Giulio Ferro wrote:> On 28.05.2010 07:46, Giulio Ferro wrote: > > Would it be a good idea to try netgraph bridge? > Or the underlying implementation is the same as in if_bridge?netgraph bridging (see /usr/share/examples/netgraph) is a completely different implimentation with different strengths and weaknesses. you may find it works for you.> > >> Months ago I reported a system freezing whenever bridge was used >> with pf. This still happens now in 8.1 prerelease: after several >> minutes to hours >> that the bridge is active the system becomes unresponsive. >> >> # uname -a >> FreeBSD firewall1 8.1-PRERELEASE FreeBSD 8.1-PRERELEASE #0: Thu May 27 >> 18:03:48 CEST 2010 root@data1:/usr/obj/usr/src/sys/FIREWALL amd64 >> >>> cat /etc/sysctl.conf >> net.inet.ip.forwarding=1 >> net.inet.ip.fastforwarding=1 >> net.inet.carp.preempt=1 >> >> Services running : sshd, named, inetd, ntpd, openvpn (tap), racoon, >> pptp, asterisk >> >> 2 physical interfaces : bce0, bce1 >> 11 vlan interfaces : vlan1, ..., vlan11 (vlandev bce1) >> 11 carp interfaces ; carp1, ..., carp11 (carp1 has 23 alias addresses) >> 1 bridge interfaces : bridge0 addm vlan35 (used by openvpn) >> 2 gif interfaces : gif0, gif1 (racoon / IPSEC) >> >> 8 static routes >> >> pf packet filter : 12 rdr rules, 3 nat rules, set skip{lo0, bridge0, >> vlan35}, 4 pass quick, block log all, about 30 pass keep state >> >> >> >> When the system freezes, I get this from the debugger >> --------------------------------------------------------------------- >> db> show allchains >> db> show alllocks >> Process 12 (intr) thread 0xffffff00024293e0 (100028) >> exclusive sleep mutex if_bridge (if_bridge) r = 0 (0xffffff000270ea18) >> locked @ /usr/src/sys/net/if_bridge.c:2184 >> Process 12 (intr) thread 0xffffff00022693e0 (100016) >> exclusive sleep mutex Giant (Giant) r = 1 (0xffffffff80c93dc0) locked >> @ /usr/src/sys/dev/usb/usb_transfer.c:3023 >> Process 12 (intr) thread 0xffffff00022607c0 (1000006) >> exclusive sleep mutex carp_if (carp_if) r = 0 (0xffffff00027329e0) >> locked @ /usr/src/sys/netinet/ip_carp.c:881 >> db> >> --------------------------------------------------------------------- >> >> Even if there is no solution yet, is there any quick and dirty >> workaround I can try? >> I need this rather badly... >> >> Thanks. >> >> _______________________________________________ >> freebsd-stable@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-stable >> To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org" > > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"