Hi, Flowd 0.9.1 consistently crashes on my system after only a few minutes. Platform is FreeBSD 9/i386, on VMWare, booting diskless off of an OpenSolaris ZFS filesystem. We''re accepting v9 from an HP Procurve switch. I have a /var/empty/dev/log, but no messages logged from flowd. Run in debugging mode, the program ends with: ... 98.22.63.158]:53 dst [192.221.138.129]:63705 gateway [0.0.0.0] packets 1 octets 125 in_if 29 out_if 32 sys_uptime_ms 6w4d11h43m11s.638 time_sec 2009-11-24T11:25:49 time_nanosec 0 netflow ver 9 flow_start 6w4d11h42m11s.308 flow_finish 6w4d11h42m11s.308 output_flow_enqueue: offset 8948 alloc 16384 netflow v.9 data flowset (len 104) source 0x00000001 process_flow: ACCEPT flow FLOW recv_time 2009-11-24T10:40:01.716915 proto 17 tcpflags 00 tos 00 agent [198.22.63.129] src [192.167.90.2]:53 dst [198.22.63.130]:52715 packets 1 octets 244 in_if 32 out_if 0 sys_uptime_ms 6w4d11h43m11s.638 time_sec 2009-11-24T11:25:49 time_nanosec 0 netflow ver 9 flow_start 6w4d11h42m11s.325 flow_finish 6w4d11h42m11s.325 output_flow_enqueue: offset 9032 alloc 16384 process_flow: ACCEPT flow FLOW recv_time 2009-11-24T10:40:01.716915 proto 17 tcpflags 00 tos 00 agent [198.22.63.129] src [192.35.51.30]:53 dst [198.22.63.130]:64923 packets 1 octets 157 in_if 32 out_if 0 sys_uptime_ms 6w4d11h43m11s.638 time_sec 2009-11-24T11:25:49 time_nanosec 0 netflow ver 9 flow_start 6w4d11h42m11s.326 flow_finish 6w4d11h42m11s.326 output_flow_enqueue: offset 9116 alloc 16384 process_flow: ACCEPT flow FLOW recv_time 2009-11-24T10:40:01.716915 proto 17 tcpflags 00 tos 00 agent [198.22.63.129] src [192.35.51.30]:53 dst [198.22.63.130]:50591 packets 1 octets 141 in_if 32 out_if 0 sys_uptime_ms 6w4d11h43m11s.638 time_sec 2009-11-24T11:25:49 time_nanosec 0 netflow ver 9 flow_start 6w4d11h42m11s.327 flow_finish 6w4d11h42m11s.327 output_flow_enqueue: offset 9200 alloc 16384 netflow v.9 data flowset (len 44) source 0x00000001 process_flow: ACCEPT flow FLOW recv_time 2009-11-24T10:40:01.716915 proto 17 tcpflags 00 tos 00 agent [198.22.63.129] src [198.22.63.130]:51669 dst [192.167.90.1]:53 gateway [0.0.0.0] packets 1 octets 69 in_if 29 out_if 32 sys_uptime_ms 6w4d11h43m11s.638 time_sec 2009-11-24T11:25:49 time_nanosec 0 netflow ver 9 flow_start 6w4d11h42m11s.328 flow_finish 6w4d11h42m11s.328 output_flow_enqueue: offset 9288 alloc 16384 output_flow_flush: flushing output queue len 9288 flowd_mainloop: monitor closed Bus error (core dumped) Any suggestions, folks? Thanks, ==ml -- Michael W. Lucas mwlucas at BlackHelicopters.org http://www.MichaelWLucas.com/ Latest book: Cisco Routers for the Desperate, 2nd Edition http://www.CiscoRoutersForTheDesperate.com/
On Tuesday 24 November 2009 17:45:38 Michael W. Lucas wrote:> Hi, > > Flowd 0.9.1 consistently crashes on my system after only a few > minutes. Platform is FreeBSD 9/i386, on VMWare, booting diskless off > of an OpenSolaris ZFS filesystem. We''re accepting v9 from an HP > Procurve switch. > > I have a /var/empty/dev/log, but no messages logged from flowd. > > Run in debugging mode, the program ends with:...> process_flow: ACCEPT flow FLOW recv_time 2009-11-24T10:40:01.716915 proto > 17 tcpflags 00 tos 00 agent [198.22.63.129] src [198.22.63.130]:51669 dst > [192.167.90.1]:53 gateway [0.0.0.0] packets 1 octets 69 in_if 29 out_if 32 > sys_uptime_ms 6w4d11h43m11s.638 time_sec 2009-11-24T11:25:49 time_nanosec > 0 netflow ver 9 flow_start 6w4d11h42m11s.328 flow_finish 6w4d11h42m11s.328 > output_flow_enqueue: offset 9288 alloc 16384 > output_flow_flush: flushing output queue len 9288 > flowd_mainloop: monitor closed > Bus error (core dumped)Hang, it sounds as if it crashed.> Any suggestions, folks?Have a cup of tea. You could debug the core file with gdb and get a backtrace (bt). Alternatively, you could capture the netflow packets with tcpdump (tcpdump -s0 -w file ... and test on a more easily debugged system).
On Thu, Nov 26, 2009 at 07:50:09AM +0200, Andrew McGill wrote:> On Tuesday 24 November 2009 17:45:38 Michael W. Lucas wrote: > > Hi, > > > > Flowd 0.9.1 consistently crashes on my system after only a few > > minutes. Platform is FreeBSD 9/i386, on VMWare, booting diskless off > > of an OpenSolaris ZFS filesystem. We''re accepting v9 from an HP > > Procurve switch. > > > > I have a /var/empty/dev/log, but no messages logged from flowd. > > > > Run in debugging mode, the program ends with: > ... > > process_flow: ACCEPT flow FLOW recv_time 2009-11-24T10:40:01.716915 proto > > 17 tcpflags 00 tos 00 agent [198.22.63.129] src [198.22.63.130]:51669 dst > > [192.167.90.1]:53 gateway [0.0.0.0] packets 1 octets 69 in_if 29 out_if 32 > > sys_uptime_ms 6w4d11h43m11s.638 time_sec 2009-11-24T11:25:49 time_nanosec > > 0 netflow ver 9 flow_start 6w4d11h42m11s.328 flow_finish 6w4d11h42m11s.328 > > output_flow_enqueue: offset 9288 alloc 16384 > > output_flow_flush: flushing output queue len 9288 > > flowd_mainloop: monitor closed > > Bus error (core dumped) > Hang, it sounds as if it crashed. > > > Any suggestions, folks? > Have a cup of tea. You could debug the core file with gdb and get a backtrace > (bt). Alternatively, you could capture the netflow packets with tcpdump > (tcpdump -s0 -w file ... and test on a more easily debugged system).Unfortunately, flowd exceeds my minimal debugging abilities. Building a flowd with symbols and running it under gdb, I get: netflow/usr/ports/net-mgmt/flowd/work/flowd-0.9.1;gdb ./flowd GNU gdb 6.1.1 [FreeBSD] Copyright 2004 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "i386-marcel-freebsd"... (gdb) run Starting program: /usr/ports/net-mgmt/flowd/work/flowd-0.9.1/flowd Program exited normally. (gdb) quit Probably because it starts the flowd: monitor and flowd: net processes. The crash leaves a /flowd.core file, but if I gdb that and run bt I get: (gdb) bt No stack. (gdb) quit Can anyone enlighten me as to how I should debug this? I''m happy to read the right documentation if someone can point me at it... The Internet has innumerable tutorials, but most are obsolete, irrelevant, or just plain wrong. Thanks, ==ml -- Michael W. Lucas mwlucas at BlackHelicopters.org http://www.MichaelWLucas.com/ Latest book: Cisco Routers for the Desperate, 2nd Edition http://www.CiscoRoutersForTheDesperate.com/