Site Navigation

Date:      Wed, 18 May 2016 20:28:58 +0200
From:      Miroslav Lachman <000.fbsd@quip.cz>
To:        Grzegorz Junka <list1@gjunka.com>, freebsd-jail@freebsd.org
Subject:   Re: netstat -rn in jail doesn't work
Message-ID:  <573CB46A.6040308@quip.cz>
In-Reply-To: <87302b92-dcae-0ed2-92e2-0c29779c0fd3@gjunka.com>
References:  <87302b92-dcae-0ed2-92e2-0c29779c0fd3@gjunka.com>

---

next in thread | previous in thread | raw e-mail | index | archive | help

---

Grzegorz Junka wrote on 05/18/2016 18:37:
> What may be the reason that netstat -rn works in one jail and doesn't in
> another?
>
> root@app2:/ # netstat -rn
> Routing tables
>
> Internet:
> Destination        Gateway            Flags      Netif Expire
> 192.168.1.76       link#4             UHS         lo0
>
>
> root@pjp1:/ # netstat -rn
> netstat: kvm not available: /dev/mem: No such file or directory
> Routing tables
> rt_tables: symbol not in namelist

I don't know the reason but I can confirm this behavior. I know about 
this for a long time. Netstat complains about /dev/mem for some other 
params too even if it outputs correct values for example for opened tcp 
connections:

/# netstat -s -p tcp
netstat: kvm not available: /dev/mem: No such file or directory
tcp:
         1517892073 packets sent
                 1453939900 data packets (2274781047202 bytes)
                 759536 data packets (929141944 bytes) retransmitted
                 59175 data packets unnecessarily retransmitted
                 0 resends initiated by MTU discovery
                 51907865 ack-only packets (26667901 delayed)
                 0 URG only packets
                 267 window probe packets
                 795506 window update packets
                 10493883 control packets
         1487401217 packets received
                 1417951529 acks (for 2273802396874 bytes)
                 7502860 duplicate acks
                 38600 acks for unsent data
                 1368386110 packets (2153255668968 bytes) received 
in-sequence
                 222423 completely duplicate packets (39239815 bytes)
                 11980 old duplicate packets
                 221 packets with some dup. data (94160 bytes duped)
                 35171 out-of-order packets (15770219 bytes)
                 21 packets (11 bytes) of data after window
                 11 window probes
                 1863690 window update packets
                 1642030 packets received after close
                 281 discarded for bad checksums
                 0 discarded for bad header offset fields
                 0 discarded because packet too short
                 87 discarded due to memory problems
         2448384 connection requests
         7800552 connection accepts
         0 bad connection attempts
         109 listen queue overflows
         339306 ignored RSTs in the windows
         10221160 connections established (including accepts)
         10554092 connections closed (including 1990441 drops)
                 5674590 connections updated cached RTT on close
                 5677848 connections updated cached RTT variance on close
                 1583021 connections updated cached ssthresh on close
         10125 embryonic connections dropped
         1405786035 segments updated rtt (of 1374995187 attempts)
         404689 retransmit timeouts
                 1681 connections dropped by rexmit timeout
         608 persist timeouts
                 0 connections dropped by persist timeout
         0 Connections (fin_wait_2) dropped because of timeout
         12388 keepalive timeouts
                 11896 keepalive probes sent
                 492 connections dropped by keepalive
         38184853 correct ACK header predictions
         46419366 correct data packet header predictions
         7826351 syncache entries added
                 45759 retransmitted
                 55797 dupsyn
                 84 dropped
                 7800552 completed
                 40 bucket overflow
                 0 cache overflow
                 19220 reset
                 7941 stale
                 109 aborted
                 0 badack
                 230 unreach
                 0 zone failures
         7826435 cookies sent
         1784 cookies received
         212203 hostcache entries added
                 28 bucket overflow
         104273 SACK recovery episodes
         242234 segment rexmits in SACK recovery episodes
         303575028 byte rexmits in SACK recovery episodes
         1538523 SACK options (SACK blocks) received
         12421 SACK options (SACK blocks) sent
         114 SACK scoreboard overflow
         0 packets with ECN CE bit set
         0 packets with ECN ECT(0) bit set
         0 packets with ECN ECT(1) bit set
         0 successful ECN handshakes
         0 times ECN reduced the congestion window
         0 packets with valid tcp-md5 signature received
         0 packets with invalid tcp-md5 signature received
         0 packets with tcp-md5 signature mismatch
         0 packets with unexpected tcp-md5 signature received
         0 packets without expected tcp-md5 signature received


I tried netstat -rn in all 8 jails on our test machine. 4 of them works, 
the other 4 don't work.

netstat -rn doesn't work in those jail which are older than host environment

netstat -s -p tcp prints error message even in the newest jails:
netstat: kvm not available: /dev/mem: No such file or directory


Miroslav Lachman

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?573CB46A.6040308>

Legal Notices | © 1995-2024 The FreeBSD Project. All rights reserved.

Contact