Date: Wed, 29 Feb 2012 20:28:49 +0700 From: "~Lst" <slackbie@gmail.com> To: Alexander Leidinger <Alexander@leidinger.net> Cc: stable@freebsd.org, current@freebsd.org Subject: Re: [CFT] modular kernel config Message-ID: <CAJMUr61E3XakOE9ME5snLxMoUoCBCVRRk60LiBH2NZLKX3HjDA@mail.gmail.com> In-Reply-To: <20120228163740.Horde.-AvCD5jmRSRPTPTEkzY476A@webmail.leidinger.net> References: <20120221143537.Horde.deyFDZjmRSRPQ52pxBIpnLA@webmail.leidinger.net> <BA7FFA2D-DEE6-4FB7-AE26-0BC79CBFD8C0@lists.zabbadoz.net> <4F4BA707.5070608@wasikowski.net> <4F4C3FE7.3040802@FreeBSD.org> <CAJMUr60JH7Xv13SyJ5D8C63Dj4CPnsrJU3htYEdRaoU7i4oG4A@mail.gmail.com> <20120228163740.Horde.-AvCD5jmRSRPTPTEkzY476A@webmail.leidinger.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Feb 28, 2012 at 10:37 PM, Alexander Leidinger <Alexander@leidinger.net> wrote: > Quoting ~Lst <slackbie@gmail.com> (from Tue, 28 Feb 2012 16:38:43 +0700): > >> 2012/2/28 Steve Wills <swills@freebsd.org>: >>> >>> -----BEGIN PGP SIGNED MESSAGE----- >>> Hash: SHA1 >>> >>> On 02/27/12 10:53, =A3ukasz W=B1sikowski wrote: >>>> >>>> W dniu 2012-02-22 23:31, Bjoern A. Zeeb pisze: >>>> >>>>> You cannot ship that on by default for non-tecnical reasons in a >>>>> kernel. =A0Please do not commit a kernel config that can be booted >>>>> (no LINT cannot be booted) with these on without consulting >>>>> appropriate hats upfront. >>>>> >>>>> >>>>>> - ALTQ - SW_WATCHDOG - QUOTA - IPSTEALTH (disabled in >>>>>> loader.conf) - IPFIREWALL_FORWARD (touches every packet, power >>>>>> users which need a bigger PPS but not this feature can >>>>>> recompile the kernel, discussed with julian@) - FLOWTABLE >>>>>> (disabled in loader.conf) >>>>> >>>>> Which is not the same as it's not 100% disabled and will still >>>>> allocate memory. >>>> >>>> >>>> FLOWTABLE on 8.x crashed BGP routers (kern/144917). I don't know if >>>> it is fixed by now, but this kind of potential problematic features >>>> should not be enabled by default. >>>> >>> >>> Agree, I've run into problems with FLOWTABLE (with just the features >>> that were enabled by default in 8.0) when routers changed MAC >>> addresses. As far as I understand it, FLOWTABLE is both broken and >>> abandoned (but if I'm wrong, please let me know). >>> >>> So, IMHO, not only should it not be enabled by default, but given that >>> it was disabled complete in 8.x after 8.0 (too lazy to look at exactly >>> when right now), I think it shouldn't even be included, since that >>> might encourage users to try it out only to encounter problems with it. >>> >>> Steve >>> >> >> Definitely yes, I'd some problems too with FLOWTABLE running for router. >> So I have to disabled in kernel and sysctl. > > > To make sure I understand you correctly: Did you disabled it with the > sysctl/loader-tunable and everything was OK again, or did you had to remo= ve > it from the kernel config (disabling via sysctl was not enough) to resolv= e > the issue? > > I have one report where a person has issue with FLOWTABLE, but disabling = it > via the sysctl/loader-tunable was enough to address his concerns. > > Bye, > Alexander. > I had to remove it from the kernel config and in my cased disabling via sysctl was not enough to resolve the issue Rgds, -- Lasta Yani
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAJMUr61E3XakOE9ME5snLxMoUoCBCVRRk60LiBH2NZLKX3HjDA>