Network Slowdowns?

Richard Nyberg rnyberg at murmeldjur.se
Mon Oct 9 04:03:05 PDT 2006


yberg at xxxxxxxxxxxxx>	<20061009100101.GA5071 at xxxxxxxxxxxxxxxxx>
User-Agent: Wanderlust/2.14.0 (Africa) Emacs/21.4 Mule/5.0 (SAKAKI)
MIME-Version: 1.0 (generated by SEMI 1.14.6 - "Maruoka")
Content-Type: text/plain; charset=US-ASCII
Lines: 172
NNTP-Posting-Host: 82.182.64.48
X-Trace: 1160391788 crater_reader.dragonflybsd.org 787 82.182.64.48
Xref: crater_reader.dragonflybsd.org dragonfly.users:7603

At Mon, 09 Oct 2006 12:01:01 +0200,
Joerg Sonnenberger wrote:
> 
> On Mon, Oct 09, 2006 at 11:44:11AM +0200, Richard Nyberg wrote:
> > My box experience at least one PF related crash per day. My bittorrent
> > client <http://www.murmeldjur.se/btpd> is very good at provoking them
> > it seems.
> 
> dmesg and pf.conf?
> 
Sure. Thanks for looking at this.

        -Richard

dmesg:
Copyright (c) 2003, 2004, 2005, 2006 The DragonFly Project.
Copyright (c) 1992-2003 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
	The Regents of the University of California. All rights reserved.
DragonFly 1.6.0-RELEASE #0: Tue Jul 25 17:23:41 CEST 2006
    root at xxxxxxxxxx:/usr/obj/usr/src/sys/GENERIC
TSC clock: 1470099533 Hz, i8254 clock: 1193263 Hz
CPU: AMD Athlon(tm) XP 1700+ (1470.01-MHz 686-class CPU)
  Origin = "AuthenticAMD"  Id = 0x662  Stepping = 2
  Features=0x383f9ff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MMX,FXSR,SSE>
  AMD Features=0xc0480000<MP,AMIE,DSP,3DNow!>
real memory  = 536805376 (524224K bytes)
avail memory = 509018112 (497088K bytes)
Preloaded elf kernel "/kernel" at 0xc0737000.
Preloaded elf module "/modules/acpi.ko" at 0xc07371e8.
Pentium Pro MTRR support enabled
md0: Malloc disk
pcibios: BIOS version 2.10
Using $PIR table, 8 entries at 0xc00fdee0
npx0: <math processor> on motherboard
npx0: INT 16 interface
Using MMX optimized bcopy/copyin/copyout
acpi0: <VIA694 AWRDACPI> on motherboard
acpi0: Power Button (fixed)
Warning: ACPI is disabling APM's device.  You can't run both
acpi_timer0: <24-bit timer at 3.579545MHz> port 0x4008-0x400b on acpi0
cpu0: <ACPI CPU (3 Cx states)> on acpi0
acpi_tz0: <Thermal Zone> on acpi0
acpi_button0: <Power Button> on acpi0
acpi_button1: <Sleep Button> on acpi0
legacypci0 on motherboard
pcib0: <Host to PCI bridge> on legacypci0
pci0: <PCI bus> on pcib0
agp0: <VIA Generic host to PCI bridge> mem 0xd0000000-0xd7ffffff at device 0.0 on pci0
pcib1: <PCI to PCI bridge (vendor=1106 device=b099)> at device 1.0 on pci0
pci1: <PCI bus> on pcib1
pci1: <NVidia GeForce DDR graphics accelerator> at 0.0 irq 11
fxp0: <Intel 82550 Pro/100 Ethernet> port 0xd000-0xd03f mem 0xe3000000-0xe301ffff,0xe3020000-0xe3020fff irq 10 at device 10.0 on pci0
miibus0: <MII bus> on fxp0
inphy0: <i82555 10/100 media interface> on miibus0
inphy0:  10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
fxp0: MAC address: 00:02:b3:a7:68:1f
vr0: <VIA VT6102 Rhine II 10/100BaseTX> port 0xd400-0xd4ff mem 0xe3021000-0xe30210ff irq 10 at device 12.0 on pci0
miibus1: <MII bus> on vr0
ukphy0: <Generic IEEE 802.3u media interface> on miibus1
ukphy0:  10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
vr0: MAC address: 00:05:5d:f5:43:f9
pci0: <unknown card> (vendor=0x1274, dev=0x1371) at 13.0 irq 11
isab0: <PCI to ISA bridge (vendor=1106 device=3074)> at device 17.0 on pci0
isa0: <ISA bus> on isab0
atapci0: <VIA 8233 ATA100 controller> port 0xdc00-0xdc0f at device 17.1 on pci0
ata0: at 0x1f0 irq 14 on atapci0
ata1: at 0x170 irq 15 on atapci0
uhci0: <VIA 83C572 USB controller> port 0xe000-0xe01f irq 11 at device 17.2 on pci0
usb0: <VIA 83C572 USB controller> on uhci0
usb0: USB revision 1.0
uhub0: VIA UHCI root hub, class 9/0, rev 1.00/1.00, addr 1
uhub0: 2 ports with 2 removable, self powered
uhub0: port error, restarting port 1
uhub0: port error, giving up port 1
uhci1: <VIA 83C572 USB controller> port 0xe400-0xe41f irq 11 at device 17.3 on pci0
usb1: <VIA 83C572 USB controller> on uhci1
usb1: USB revision 1.0
uhub1: VIA UHCI root hub, class 9/0, rev 1.00/1.00, addr 1
uhub1: 2 ports with 2 removable, self powered
uhub1: port error, restarting port 1
uhub1: port error, giving up port 1
uhci2: <VIA 83C572 USB controller> port 0xe800-0xe81f irq 11 at device 17.4 on pci0
usb2: <VIA 83C572 USB controller> on uhci2
usb2: USB revision 1.0
uhub2: VIA UHCI root hub, class 9/0, rev 1.00/1.00, addr 1
uhub2: 2 ports with 2 removable, self powered
uhub2: port error, restarting port 1
uhub2: port error, giving up port 1
orm0: <Option ROMs> at iomem 0xc0000-0xcffff,0xd0000-0xd7fff,0xd8000-0xd97ff,0xea800-0xf8fff on isa0
pmtimer0 on isa0
fdc0: <NEC 72065B or clone> at port 0x3f0-0x3f5,0x3f7 irq 6 drq 2 on isa0
fdc0: FIFO enabled, 8 bytes threshold
fd0: <1440-KB 3.5" drive> on fdc0 drive 0
atkbdc0: <Keyboard controller (i8042)> at port 0x60,0x64 on isa0
atkbd0: <AT Keyboard> flags 0x1 irq 1 on atkbdc0
kbd0 at atkbd0
psm0: <PS/2 Mouse> irq 12 on atkbdc0
psm0: model Generic PS/2 mouse, device ID 0
vga0: <Generic ISA VGA> at port 0x3c0-0x3df iomem 0xa0000-0xbffff on isa0
sc0: <System console> at flags 0x100 on isa0
sc0: VGA <16 virtual consoles, flags=0x300>
sio0 at port 0x3f8-0x3ff irq 4 flags 0x10 on isa0
sio0: type 16550A
sio1 at port 0x2f8-0x2ff irq 3 on isa0
sio1: type 16550A
ppc0: <Parallel port> at port 0x378-0x37f irq 7 on isa0
ppc0: Generic chipset (NIBBLE-only) in COMPATIBLE mode
ppbus0: <Parallel port bus> on ppc0
plip0: <PLIP network interface> on ppbus0
lpt0: <Printer> on ppbus0
lpt0: Interrupt-driven port
ppi0: <Parallel I/O> on ppbus0
ad0: DMA limited to UDMA33, non-ATA66 cable or device
ad0: 19574MB <IBM-DPTA-372050> [39770/16/63] at ata0-master UDMA33
ad2: 190782MB <ST3200822A> [387621/16/63] at ata1-master UDMA100
acd0: CDROM <SONY CDU4811> at ata0-slave PIO4
Mounting root from ufs:/dev/ad0s1a
cd0 at ata0 bus 0 target 1 lun 0
cd0: <SONY CDU4811 PY06> Removable CD-ROM SCSI-0 device 
cd0: 16.000MB/s transfers
cd0: Attempt to query device size failed: NOT READY, Medium not present

pf.conf:
# macros
int_if = "fxp0"
ext_if = "vr0"

tcp_services = "{ 22, 9001 }"
udp_services = "{ 9001 }"
icmp_types = "echoreq"

priv_nets = "{ 127.0.0.0/8, 192.168.0.0/16, 172.16.0.0/12, 10.0.0.0/8 }"

doozer = "10.0.0.3"

# options 
set block-policy return
set loginterface $ext_if

# nat/rdr
nat on $ext_if from $doozer port 9666 to any -> ($ext_if) static-port
nat on $ext_if from $int_if:network to any -> ($ext_if)
rdr on $ext_if proto tcp from any to port 8001 -> $doozer port ssh
rdr on $ext_if proto tcp from any to port 9666 -> $doozer port 9666
rdr on $ext_if proto udp from any to port 9666 -> $doozer port 9666

# filter rules
pass quick on lo0 all

block drop in  quick on $ext_if from $priv_nets to any
block drop out quick on $ext_if from any to $priv_nets

pass in  quick on $int_if from $int_if:network to any keep state
pass out quick on $int_if from any to $int_if:network keep state

pass in quick on $ext_if inet proto tcp from any to ($ext_if) \
   port $tcp_services flags S/SA keep state
pass in quick on $ext_if inet proto udp from any to ($ext_if) \
   port $udp_services

pass in quick on $ext_if proto tcp from any to $doozer port { ssh, 9666 } \
   flags S/SA keep state
pass in quick on $ext_if proto udp from any to $doozer port 9666

pass in quick inet proto icmp all icmp-type $icmp_types keep state

pass out quick on $ext_if proto tcp all modulate state flags S/SA
pass out quick on $ext_if proto { udp, icmp } all keep state

block log quick all 






More information about the Users mailing list