[Bug #3032] IPFW3: memory leakage? objcache(xxx): Exhausted!

Aaron LI aaronly.me at outlook.com
Fri May 5 02:04:11 PDT 2017


On Fri, May 05, 2017 at 01:43, Aaron LI <aaronly.me at outlook.com> wrote:

> On Fri, May 05, 2017 at 01:16, Sepherosa Ziehau <sepherosa at gmail.com> wrote:
>
>> On Thu, May 4, 2017 at 7:44 PM, Aaron LI <aaronly.me at outlook.com> wrote:
>>> Dear Bill,
>>>
>>> I'm running into problems with the IPFW3, which seems to cause memory
>>> leakages and lead to the "objcache(xxx): Exhausted!" warning, and
>>> finally the system became unresponsive and need reset.
>>>
>>> On the same VPS with IPFW3 disabled, it runs rather smoothly (already a
>>> week now since last reset); as for my other machine at home, it had very
>>> good uptime (>100 days).
>>>
>>> Therefore, could you please have a look at my bug report #3032 (detailed
>>> as below) when it is convenient for you?  Thanks!
>>>
>>> ----------------------------------------
>>>
>>> On the other hand, any other Dflyers ever came across such problems?
>>
>> Since you are not using NAT etc, could you try ipfw?
>
> Hi sephe,
>
> Thanks for the suggestion.  I don't use NAT, and I will try out the
> IPFW, and will report back.

Hi,

So, it is quiet sure that the problem is in IPFW3.

Just tried IPFW (with the same rules) and after runing ~6 hours, so far so
good. The network buffers usage almost keeps the same, e.g. (netstat -m):

----------------------------------------------------------------------
20114/293376 mbufs in use (current/max):
521/17248 mbuf clusters in use (current/max)
26/8368 mbuf jumbo clusters in use (current/max)
        20651 mbufs and mbuf clusters allocated to data
        10 mbufs and mbuf clusters allocated to packet headers
11099 Kbytes allocated to network (6% of mb_map in use)
0 requests for memory denied
0 requests for memory delayed
0 calls to protocol drain routines
----------------------------------------------------------------------
(N.B., the first number "mbufs in use" is quiet large, which is due to
the previous IPFW3 running)

Also attached the IPFW statistics (ipfw show):
----------------------------------------------------------------------
00010        0           0 allow ip from any to any via lo0
00100        0           0 check-state
00200  2957376  2517562216 allow tcp from me to any out via em0 keep-state
00201  3879493  4265072261 allow udp from me to any out via em0 keep-state
00202        0           0 allow icmp from me to any out via em0 keep-state
00301        2         112 deny ip from 172.16.0.0/12 to any in via em0
00303        0           0 deny ip from 127.0.0.0/8 to any in via em0
00304       18        5984 deny ip from 0.0.0.0/8 to any in via em0
00305        3         984 deny ip from 169.254.0.0/16 to any in via em0
00306        0           0 deny ip from 192.0.2.0/24 to any in via em0
00307        0           0 deny ip from 204.152.64.0/23 to any in via em0
00308        0           0 deny ip from 224.0.0.0/3 to any in via em0
00310        0           0 allow icmp from me to any in via em0
00315        0           0 deny tcp from any to any dst-port 113 in via em0
00320        0           0 deny tcp from any to any dst-port 137 in via em0
00321        0           0 deny tcp from any to any dst-port 138 in via em0
00322        0           0 deny tcp from any to any dst-port 139 in via em0
00323        0           0 deny tcp from any to any dst-port 81 in via em0
00332     2043      196776 deny tcp from any to any established in via em0
00500     2402      401503 allow tcp from any to me dst-port 8860 in via em0 setup keep-st
ate
00510        0           0 allow tcp from any to me dst-port 80 in via em0 setup keep-state
00512       11        1115 allow tcp from any to me dst-port 8800 in via em0 setup keep-st
ate
00513    15752    11562114 allow tcp from any to me dst-port 8801 in via em0 setup keep-st
ate
00700     8232     7105626 allow tcp from any to me dst-port 22000 in via em0 setup keep-s
tate
00701        0           0 allow udp from any to me dst-port 21027 in via em0 keep-state
00800 45171020 42787449552 allow ip from any to me dst-port 51413 in via em0 keep-state
00801       64       20351 allow tcp from 192.168.1.0/24 to me dst-port 9091 in via em0 se
tup keep-state
60000     5280      673782 deny ip from any to any in via em0
65535      302       57794 deny ip from any to any
----------------------------------------------------------------------
(N.B., this machine runs transmission BT with lots of seedings, so the
traffics are quite large.)


Cheers,
-- 
Aly



More information about the Users mailing list