Date: Mon, 10 Nov 2003 16:01:57 -0600 From: "Jack L. Stone" <jacks@sage-american.com> To: Daniela <dgw@liwest.at>, freebsd-questions@freebsd.org Subject: Re: Help! Runaway NATD Message-ID: <3.0.5.32.20031110160157.0142b020@10.0.0.15> In-Reply-To: <200311102242.09544.dgw@liwest.at> References: <3.0.5.32.20031110151819.01431468@10.0.0.15> <3.0.5.32.20031110151819.01431468@10.0.0.15>
next in thread | previous in thread | raw e-mail | index | archive | help
At 10:42 PM 11.10.2003 +0000, Daniela wrote:
>On Monday 10 November 2003 21:18, Jack L. Stone wrote:
>> FreeBSD 4.8-RELEASE-p13 - GW/router/NAT/FW/Caching DNS - Bind-8.3x +
>> IPFW(8)
>>
>> Have just setup the above to route mainly for a LAN (in place of hardware
>> router), but natd runs non-stop as per TOP(1) and keeps eating up the CPU
>> until it crashes. Takes about 1/2 hour to eat up the resources and requires
>> a reboot -- then the problem just starts over again.
>
>Have you tried to attach to the process with gdb(1) or truss(1)?
>Also please show us what `ps ax` says about natd.
>Can you get a core dump?
>
>Good luck!
>Daniela
>
Thanks for the quick reply. No, haven't had chance to redo the kernel for
gdb, etc. But, here's some more info from the "ps -ax" and log. The tcp
start out very small and keep growing in big leaps as below -- this is just
before running out of CPU....
>From "/var/log/alias.log"
icmp=0, udp=8, tcp=33830, pptp=0, proto=0, frag_id=0 frag_ptr=0 / tot=33838
(sock=0)
icmp=0, udp=8, tcp=33831, pptp=0, proto=0, frag_id=0 frag_ptr=0 / tot=33839
(sock=0)
...a FEW minutes later:
icmp=2, udp=9, tcp=41608, pptp=0, proto=0, frag_id=0 frag_ptr=0 / tot=41619
(sock=0)
icmp=2, udp=9, tcp=41609, pptp=0, proto=0, frag_id=0 frag_ptr=0 / tot=41620
(sock=0)
PID TT STAT TIME COMMAND
0 ?? DLs 0:00.00 (swapper)
1 ?? ILs 0:00.01 /sbin/init --
2 ?? DL 0:00.00 (pagedaemon)
3 ?? DL 0:00.00 (vmdaemon)
4 ?? DL 0:00.01 (bufdaemon)
5 ?? DL 0:00.21 (syncer)
6 ?? DL 0:00.01 (vnlru)
23 ?? Is 0:00.00 adjkerntz -i
116 ?? Rs 6:53.75 /sbin/natd -f /etc/natd.conf -n rl0
133 ?? Ss 0:00.07 /usr/sbin/syslogd -s
136 ?? Is 0:00.13 /usr/sbin/named -u bind -g bind
139 ?? Ss 0:00.10 ntpd -p /var/run/ntpd.pid
142 ?? Is 0:00.01 timed -F earth.netwood.net
148 ?? Is 0:00.00 /usr/sbin/inetd -wW
150 ?? Is 0:00.02 /usr/sbin/cron
152 ?? Is 0:00.62 /usr/sbin/sshd
213 ?? Ss 0:00.41 /usr/local/sbin/httpd
218 ?? I 0:00.00 /usr/local/sbin/httpd
219 ?? I 0:00.00 /usr/local/sbin/httpd
220 ?? I 0:00.00 /usr/local/sbin/httpd
221 ?? I 0:00.00 /usr/local/sbin/httpd
222 ?? I 0:00.00 /usr/local/sbin/httpd
223 ?? Is 0:00.00 /usr/local/sbin/dhcpd
254 ?? S 0:00.10 /usr/local/libexec/mysqld --basedir=/usr/local
--datadir=/var/db/mysql --user=mysql --pid-file=/va
264 ?? Is 0:00.04 /usr/local/libexec/postfix/master
265 ?? I 0:00.02 pickup -l -t fifo -u
266 ?? I 0:00.26 qmgr -l -t fifo -u
267 ?? I 0:00.07 sshd: kuni [priv] (sshd)
269 ?? I 0:00.04 sshd: kuni@ttyp0 (sshd)
281 ?? I 0:00.07 sshd: jacks [priv] (sshd)
283 ?? S 0:04.24 sshd: jacks@ttyp1 (sshd)
270 p0 Is 0:00.04 -csh (csh)
273 p0 I+ 0:00.05 _su (csh)
284 p1 Is 0:00.04 -tcsh (tcsh)
290 p1 S 0:00.07 _su (csh)
387 p1 R+ 0:00.00 ps ax
231 v0 Is+ 0:00.01 /usr/libexec/getty Pc ttyv0
232 v1 Is+ 0:00.01 /usr/libexec/getty Pc ttyv1
233 v2 Is+ 0:00.01 /usr/libexec/getty Pc ttyv2
234 v3 Is+ 0:00.01 /usr/libexec/getty Pc ttyv3
235 v4 Is+ 0:00.01 /usr/libexec/getty Pc ttyv4
236 v5 Is+ 0:00.01 /usr/libexec/getty Pc ttyv5
237 v6 Is+ 0:00.01 /usr/libexec/getty Pc ttyv6
238 v7 Is+ 0:00.01 /usr/libexec/getty Pc ttyv7
227 con- I 0:00.02 /bin/sh /usr/local/bin/safe_mysqld --user=mysql
--datadir=/var/db/mysql --pid-file=/var/db/mysql/e
Best regards,
Jack L. Stone,
Administrator
Sage American
http://www.sage-american.com
jacks@sage-american.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3.0.5.32.20031110160157.0142b020>