Date: Sun, 30 Mar 2014 04:12:34 +1100 (EST) From: Ian Smith <smithi@nimnet.asn.au> To: Willy Offermans <Willy@Offermans.Rompen.nl> Cc: freebsd-net@freebsd.org, freebsd-stable@freebsd.org Subject: Re: TCP packets remain unsent Message-ID: <20140330012659.Y78237@sola.nimnet.asn.au> In-Reply-To: <20140329140229.GE3528@vpn.offrom.nl> References: <20140328162554.GA26748@vpn.offrom.nl> <20140329140229.GE3528@vpn.offrom.nl>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 29 Mar 2014 15:02:29 +0100, Willy Offermans wrote: > Dear FreeBSD friends, > > On Fri, Mar 28, 2014 at 05:25:54PM +0100, Willy Offermans wrote: > > Dear FreeBSD friends, > > > > I have a problem with my relatively new FreeBSD server. I came across the > > problem when sending e-mails of larger size and copying files with scp. > > The e-mails were not sent out because of time-out error and the copying was > > extremely slow, though successful after a while. I already started a thread > > on this topic on freebsd-current. See > > http://docs.freebsd.org/mail/current/freebsd-current.html, topic > > sendmail Broken Pipe Error. I got some help to narrow down the > > error: Sending out e-mails of larger size stops at some point. TCP packets > > were not transferred to the smarthost causing a timeout error. There were > > still some TCP packets waiting to be sent. > > > > My system is a HP ProLiant Gen8 MicroServer with FreeBSD 10.0-STABLE #0 > > r261266M. The server has two network cards: [..] > > Before the time out error occurs, the CPU loading of natd and dhcpd is > > steadily increasing to extreme values to my opinion: > > > > PID USERNAME THR PRI NICE SIZE RES STATE C TIME WCPU COMMAND > > > > 1235 root 1 93 0 28908K 2144K RUN 0 54:05 71.78% natd > > 1614 dhcpd 1 4 0 26784K 14936K RUN 0 29:24 38.77% dhcpd [..] > I could narrow down the cause of the error: > > If I remove the following line from my firewall rules, I could sent out > e-mails without issues. > > /sbin/ipfw add 50 divert natd all from any to any via bge0 > > I do not know yet how things are related, but I will dig into it. > > If someone has a hint, please respond to the list. Is your system running IPv6? Sendmail will prefer using ip6 if enabled. You need to use 'ip4' rather than 'all' with divert; natd (and I assume, ipfw nat?) doesn't like ip6 packets being sent its way. Also, ipfw nat and natd both use libalias(3) which doesn't work with TSO; check that's turned off with ifconfig. See ipfw(8) /BUGS section. Just guesswork, Ian
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20140330012659.Y78237>