From owner-freebsd-current@FreeBSD.ORG Mon Jun 16 09:13:28 2003 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DFEB637B404 for ; Mon, 16 Jun 2003 09:13:27 -0700 (PDT) Received: from moutvdom.kundenserver.de (moutvdom.kundenserver.de [212.227.126.250]) by mx1.FreeBSD.org (Postfix) with ESMTP id E30B743F93 for ; Mon, 16 Jun 2003 09:13:26 -0700 (PDT) (envelope-from brueffer@phoenix-systems.de) Received: from [212.227.126.221] (helo=mrvdomng.kundenserver.de) by moutvdom.kundenserver.de with esmtp (Exim 3.35 #1) id 19Rwbm-0000me-00; Mon, 16 Jun 2003 18:13:26 +0200 Received: from [213.20.25.53] (helo=ramses.kicks-ass.net) by mrvdomng.kundenserver.de with esmtp (Exim 3.35 #1) id 19Rwbm-00022v-00; Mon, 16 Jun 2003 18:13:26 +0200 Received: from cheops.phoenix (cheops.phoenix [192.168.1.3]) by ramses.kicks-ass.net (Postfix) with ESMTP id 3AFCE1CC3F; Mon, 16 Jun 2003 18:18:06 +0200 (CEST) From: Markus Brueffer To: Christoph Kukulies , freebsd-current@freebsd.org Date: Mon, 16 Jun 2003 18:17:41 +0200 User-Agent: KMail/1.5.2 References: <200306161403.h5GE3tJ28411@accms33.physik.rwth-aachen.de> <200306161706.35136.brueffer@phoenix-systems.de> In-Reply-To: <200306161706.35136.brueffer@phoenix-systems.de> MIME-Version: 1.0 Content-Type: multipart/signed; protocol="application/pgp-signature"; micalg=pgp-sha1; boundary="Boundary-02=_l2e7+xfLX4fwEMP"; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Message-Id: <200306161817.41844.brueffer@phoenix-systems.de> Subject: Re: mpd, ng, Cisco VPN, resource leak X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 16 Jun 2003 16:13:28 -0000 --Boundary-02=_l2e7+xfLX4fwEMP Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Description: signed data Content-Disposition: inline Hi Christoph On Monday 16 June 2003 16:03, Christoph Kukulies wrote: > For months I'm trying to get back to a working VPN using mpd > on a FreeBSD 4.4 client site and a Cisco VPN server on the peer end. > > With 5.0 and 5.1-current the network connection stopped working. > > I could work for a minute or so then the connection got hung. > Trying to reconnect with a new ssh session got some message > about 'resource deadlock avoided' and a subsequent ping to the peer side > gets the onminous 'no buffers space available' or an additional : > > > kuku@www$ ssh acc01 > ssh: connect to host acc01 port 22: Connection refused > kuku@www$ ping acs01 > PING acc01 (138.134.123.12): 56 data bytes > ping: sendto: Resource deadlock avoided > ping: sendto: No buffer space available > ping: sendto: No buffer space available > ^C > --- acc01 ping statistics --- > 3 packets transmitted, 0 packets received, 100% packet loss > > > The connection refused occurs on the peer side where the previous > ssh connection had succeeded. It's not that the sshd died. Rebooting > my system allows be to connect again for a minute or 2 and then again > the hang. > > How could I pinpoint the problem so that some knowing kernel/netgraph > person will be available to find the cause? > > Is there a way to do a continous netstat -m or vmstat -m during a session > setup? I mean other than writing it to a file in a shell while loop? I know exactly what you are talking about. I had the same problems here. Please have a look at http://www.cs.rpi.edu/~flemej/fbsd-cisco-vpn/ . That (partly) solved the problems for me, however I have to set the routes = to=20 the subnets behind the VPN-server manually after establishing a connection = to=20 the VPN-server via mpd.=20 If I set the routes in the mentioned script, the routingtable seems to be o= k,=20 but setting the routing entrys this way leads to the same problems you=20 already mentioned. I have no idea whats wrong and why I have to set them=20 manually. Perhaps we can figure out this minor last problem together. Best Regards, Markus =2D-=20 GPG Pub-Key : http://www.phoenix-systems.de/mbrueffer.asc GPG Fingerprint: 3F9B EBE8 F290 E5CC 1447 8760 D48D 1072 78F8 A8D4 GPG Key ID : 0x78F8A8D4 --Boundary-02=_l2e7+xfLX4fwEMP Content-Type: application/pgp-signature Content-Description: signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (FreeBSD) iD8DBQA+7e2l1I0Qcnj4qNQRAmTTAKDWJOfCNhZpWyVR4YYD6dDonbqfLwCfZjBB H8y33/f+q8BDeAU4Fdm+V8o= =JvgQ -----END PGP SIGNATURE----- --Boundary-02=_l2e7+xfLX4fwEMP--