From: "Siim Põder" <siim@p6drad-teel.net>
To: Patrick McHardy <kaber@trash.net>
Cc: Netfilter Developer Mailing List
<netfilter-devel@vger.kernel.org>,
bugzilla-daemon@bugzilla.kernel.org
Subject: Re: [Bug 16317] New: oops in nf_nat_setup_info
Date: Wed, 30 Jun 2010 23:22:01 +0300
Message-ID: <4C2BA769.6050101@p6drad-teel.net>
In-Reply-To: <4C2B3FCA.9000505@trash.net>
Patrick McHardy wrote:
> bugzilla-daemon@bugzilla.kernel.org wrote:
>> https://bugzilla.kernel.org/show_bug.cgi?id=16317
>> [581172.269340] ------------[ cut here ]------------
>> [581172.280485] kernel BUG at net/ipv4/netfilter/nf_nat_core.c:300!
>>
>
> NAT is attempting to set up mappings a second time for an existing
> conntrack.
>
> So the failover node is purely passive and is not synchronizing connections
> back to the one which is crashing? That would rule out a race condition
> between creating a new conntrack using ctnetlink and the lookup done during
> packet processing.
Syncing is done in both directions simultaneously so the described
race is not ruled out.

Coincidentally or not, but so far both crashes seemed to have occurred
on the 6th second of a minute, which is around where conntrackd -c
usually finishes.

I'm a bit confused how the race might happen. It would mean that the
src/dst ip:port gets reused or packet transmitted by client after the
conntrack has expired on the active box whilst the failover box
synchronizes it back to the active one?
> I can't spot the problem right now, but it would be interesting whether
> this still happens without running the (synchronizing) conntrack daemon.
I can't keep this running in production so will have to try to
reproduce it on a test setup. As I'm not sure about the scenario to
test, I'll just create lots of SNAT/DNAT connections while syncing
them with conntrackd (and conntrackd -c) running for a while hoping to
recreate whatever triggers it?
Siim