From owner-freebsd-stable@FreeBSD.ORG Tue Feb 28 02:46:03 2012 Return-Path: Delivered-To: stable@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id BAF9F106566C; Tue, 28 Feb 2012 02:46:03 +0000 (UTC) (envelope-from swills@FreeBSD.org) Received: from mouf.net (unknown [IPv6:2607:fc50:0:4400:216:3eff:fe69:33b2]) by mx1.freebsd.org (Postfix) with ESMTP id 59B0D8FC0A; Tue, 28 Feb 2012 02:46:03 +0000 (UTC) Received: from meatwad.mouf.net (cpe-024-162-230-236.nc.res.rr.com [24.162.230.236]) (authenticated bits=0) by mouf.net (8.14.4/8.14.4) with ESMTP id q1S2jxLk051404 (version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NOT); Mon, 27 Feb 2012 21:46:00 -0500 (EST) (envelope-from swills@FreeBSD.org) Message-ID: <4F4C3FE7.3040802@FreeBSD.org> Date: Mon, 27 Feb 2012 21:45:59 -0500 From: Steve Wills User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:9.0) Gecko/20111228 Thunderbird/9.0 MIME-Version: 1.0 To: =?UTF-8?B?xYF1a2FzeiBXxIVzaWtvd3NraQ==?= References: <20120221143537.Horde.deyFDZjmRSRPQ52pxBIpnLA@webmail.leidinger.net> <4F4BA707.5070608@wasikowski.net> In-Reply-To: <4F4BA707.5070608@wasikowski.net> X-Enigmail-Version: 1.1.2 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.2.7 (mouf.net [204.109.58.86]); Mon, 27 Feb 2012 21:46:02 -0500 (EST) X-Virus-Scanned: clamav-milter 0.97.2 at mouf.net X-Virus-Status: Clean Cc: "Bjoern A. Zeeb" , stable@FreeBSD.org, current@FreeBSD.org, Alexander Leidinger Subject: Re: [CFT] modular kernel config X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 Feb 2012 02:46:03 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 02/27/12 10:53, Łukasz Wąsikowski wrote: > W dniu 2012-02-22 23:31, Bjoern A. Zeeb pisze: > >> You cannot ship that on by default for non-tecnical reasons in a >> kernel. Please do not commit a kernel config that can be booted >> (no LINT cannot be booted) with these on without consulting >> appropriate hats upfront. >> >> >>> - ALTQ - SW_WATCHDOG - QUOTA - IPSTEALTH (disabled in >>> loader.conf) - IPFIREWALL_FORWARD (touches every packet, power >>> users which need a bigger PPS but not this feature can >>> recompile the kernel, discussed with julian@) - FLOWTABLE >>> (disabled in loader.conf) >> Which is not the same as it's not 100% disabled and will still >> allocate memory. > > FLOWTABLE on 8.x crashed BGP routers (kern/144917). I don't know if > it is fixed by now, but this kind of potential problematic features > should not be enabled by default. > Agree, I've run into problems with FLOWTABLE (with just the features that were enabled by default in 8.0) when routers changed MAC addresses. As far as I understand it, FLOWTABLE is both broken and abandoned (but if I'm wrong, please let me know). So, IMHO, not only should it not be enabled by default, but given that it was disabled complete in 8.x after 8.0 (too lazy to look at exactly when right now), I think it shouldn't even be included, since that might encourage users to try it out only to encounter problems with it. Steve -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.18 (FreeBSD) iQEcBAEBAgAGBQJPTD/nAAoJEPXPYrMgexuhvWAH/iPa0N32GJXdyL7OdqFNNuEN R/Z0tOqTCCmAm4WsbAbN3m5poBKNctRtQxG40XoqmvZAWlomwYCwpS2xgCX60NZO XhspUEpQ7cHQpt6ZOW12x3G6FZJ4DzFX0+mDPYxE/7YmwtsjZFeTFGVEPezeKQwr Khar5jWYqETmM1+mFvAFXnfTUiBwnqErDfYmHQAE93wKQd9CyzrFmDfooNTiMUB6 yW+piexN/SzXz6nftQesJbFOWUW6fvhxe9TYcK8+b9zCo2GxPuUrRV60PKQX0apd nlKWtj49znLVzmpTYboQnvmqmk+yik8wL2wszUaZ4jAjieCjWOhJwCWOvkQ9yIg= =SBbK -----END PGP SIGNATURE-----