Date: Thu, 14 Jun 2007 19:43:25 +0200 From: Max Laier <max@love2party.net> To: freebsd-pf@freebsd.org Cc: Volker <volker@vwsoft.com> Subject: Re: PF error message looping on screen. System Locked. Message-ID: <200706141943.32931.max@love2party.net> In-Reply-To: <200706141056.15453.rmiranda@digitalrelay.ca> References: <200706140833.50583.rmiranda@digitalrelay.ca> <46715C7F.4060602@vwsoft.com> <200706141056.15453.rmiranda@digitalrelay.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
--nextPart1432492.4PuehGltGc Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Thursday 14 June 2007, Roger Miranda wrote: > > I don't think this message is related to your trouble. I think you > > can also avoid these messages by adding 'no scrub' to your pf.conf > > (I'm currently not aware of any side effects by adding this). > > I did add it. > > > Probably Max has some more suggestions on not scrubbing packets. > > > > You should get a debugger into your kernel (like Max suggested) > > The debugger is in the kernel. I can break to it during normal > operation. Except when these messages are loop through the screen. > > > and > > probably also use `pfctl -x loud' or `pfctl -x misc' to get more > > messages out of pf. If these messages are popping up again, break the > > system into the debugger and look for the messages (using 'scroll > > lock' to scroll back some pages), ps and a backtrace. > > I have set debug to loud. > > I found this after I rebooted in dmesg: > ---------------------------------------------------- > > pf_reassemble: complete: 0xc4338100(1504) > pf_normalize_ip: reass frag 39811 @ 0-1480 > pf_normalize_ip: reass frag 39811 @ 1480-1484 > pf_reassemble: 1484 < 1484? That's a configuration problem. Something seems to assume a MTU of 1484=20 while there really is a bottleneck with only 1480 which leads to heavy=20 fragmentation. You should find the offender and reduce its MTU. If=20 those messages show up, you did not use "no scrub" however. =2D-=20 /"\ Best regards, | mlaier@freebsd.org \ / Max Laier | ICQ #67774661 X http://pf4freebsd.love2party.net/ | mlaier@EFnet / \ ASCII Ribbon Campaign | Against HTML Mail and News --nextPart1432492.4PuehGltGc Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.3 (FreeBSD) iD8DBQBGcX5EXyyEoT62BG0RAjnqAJ9Is/q/MyR8Ze9YlZVUeCVPXFfPQACfTORB ivBYv9gIjFCNaYq1qjNuipI= =0sIq -----END PGP SIGNATURE----- --nextPart1432492.4PuehGltGc--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200706141943.32931.max>