* ip_conntrack locks up hard on 2.4.0 after about 10 hours
@ 2001-01-06 15:37 safemode
2001-01-06 15:51 ` safemode
` (2 more replies)
0 siblings, 3 replies; 4+ messages in thread
From: safemode @ 2001-01-06 15:37 UTC (permalink / raw)
To: linux-kernel
It seems that for one reason or another, ip_conntrack totally locks (not
removeable) after about 10 hours of continued use. All i found were
these messages in my dmesg output
Jan 6 06:18:10 icebox kernel: reset_xmit_timer sk=c17fd040 1
when=0x5d9e, caller=c01a6bf1
Jan 6 06:18:10 icebox kernel: reset_xmit_timer sk=c17fd040 1
when=0x5b2f, caller=c01a6bf1
Jan 6 06:18:10 icebox kernel: reset_xmit_timer sk=c17fd040 1
when=0x56bb, caller=c01a6bf1
Jan 6 06:40:10 icebox kernel: reset_xmit_timer sk=c17fd040 1
when=0x217db, caller=c01a6bf1
Jan 6 06:40:10 icebox kernel: reset_xmit_timer sk=c17fd040 1
when=0x2363e, caller=c01a6bf1
Jan 6 06:40:10 icebox kernel: reset_xmit_timer sk=c17fd040 1
when=0x21b64, caller=c01a6bf1
Jan 6 06:40:10 icebox kernel: reset_xmit_timer sk=c17fd040 1
when=0x1fa85, caller=c01a6bf1
This makes it impossible to make any sort of network socket connection
and all prior connections died. As i said you cannot remove the module
to reset ip_conntrack and i'm not sure what could have caused this as it
did work up until i woke up this morning, with a total running time of
about 10 hours or so. I'd consider this bug rather important, if anyone
thinks this is not an ip_conntrack bug and rather something that has
changed that i havn't read about, help would be nice. :) i have been
using iptables since it came out though and ip_conntrack has only been
bad once before, on test5 when it wouldn't kill old dead socket
connections and eventually starved itself of free sockets.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
Please read the FAQ at http://www.tux.org/lkml/
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: ip_conntrack locks up hard on 2.4.0 after about 10 hours
2001-01-06 15:37 ip_conntrack locks up hard on 2.4.0 after about 10 hours safemode
@ 2001-01-06 15:51 ` safemode
2001-01-06 23:29 ` David S. Miller
2001-01-07 11:27 ` Rusty Russell
2 siblings, 0 replies; 4+ messages in thread
From: safemode @ 2001-01-06 15:51 UTC (permalink / raw)
To: linux-kernel
[-- Attachment #1: Type: text/plain, Size: 2059 bytes --]
Setiathome 3.03 and 3.x most likely causes the ip_conntrack errors which
quickly brings the system to a screetching network halt. I suggest nobody
run setiathome on their firewall/gateway/router if they're using iptables
with 2.4.x. Not sure how it causes this error nor would it matter to me
since i wouldn't be able to recode the client anyway. I'm sure there are
setiathome developers (at least one) paying attention to this list. The
client is broken.
safemode wrote:
> It seems that for one reason or another, ip_conntrack totally locks (not
> removeable) after about 10 hours of continued use. All i found were
> these messages in my dmesg output
> Jan 6 06:18:10 icebox kernel: reset_xmit_timer sk=c17fd040 1
> when=0x5d9e, caller=c01a6bf1
> Jan 6 06:18:10 icebox kernel: reset_xmit_timer sk=c17fd040 1
> when=0x5b2f, caller=c01a6bf1
> Jan 6 06:18:10 icebox kernel: reset_xmit_timer sk=c17fd040 1
> when=0x56bb, caller=c01a6bf1
> Jan 6 06:40:10 icebox kernel: reset_xmit_timer sk=c17fd040 1
> when=0x217db, caller=c01a6bf1
> Jan 6 06:40:10 icebox kernel: reset_xmit_timer sk=c17fd040 1
> when=0x2363e, caller=c01a6bf1
> Jan 6 06:40:10 icebox kernel: reset_xmit_timer sk=c17fd040 1
> when=0x21b64, caller=c01a6bf1
> Jan 6 06:40:10 icebox kernel: reset_xmit_timer sk=c17fd040 1
> when=0x1fa85, caller=c01a6bf1
>
> This makes it impossible to make any sort of network socket connection
> and all prior connections died. As i said you cannot remove the module
> to reset ip_conntrack and i'm not sure what could have caused this as it
> did work up until i woke up this morning, with a total running time of
> about 10 hours or so. I'd consider this bug rather important, if anyone
> thinks this is not an ip_conntrack bug and rather something that has
> changed that i havn't read about, help would be nice. :) i have been
> using iptables since it came out though and ip_conntrack has only been
> bad once before, on test5 when it wouldn't kill old dead socket
> connections and eventually starved itself of free sockets.
>
[-- Attachment #2: Type: text/html, Size: 2432 bytes --]
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: ip_conntrack locks up hard on 2.4.0 after about 10 hours
2001-01-06 15:37 ip_conntrack locks up hard on 2.4.0 after about 10 hours safemode
2001-01-06 15:51 ` safemode
@ 2001-01-06 23:29 ` David S. Miller
2001-01-07 11:27 ` Rusty Russell
2 siblings, 0 replies; 4+ messages in thread
From: David S. Miller @ 2001-01-06 23:29 UTC (permalink / raw)
To: safemode; +Cc: linux-kernel
Date: Sat, 06 Jan 2001 10:37:54 -0500
From: safemode <safemode@voicenet.com>
Jan 6 06:18:10 icebox kernel: reset_xmit_timer sk=c17fd040 1
when=0x5d9e, caller=c01a6bf1
I posted a fix for this on Linux-kernel yesterday, had you tested it
you would have seen at least this part of your problem report go away.
I'm reposting the fix for your convenience:
--- net/ipv4/tcp_input.c.~1~ Wed Dec 13 10:31:48 2000
+++ net/ipv4/tcp_input.c Fri Jan 5 17:01:53 2001
@@ -1705,7 +1705,7 @@
if ((__s32)when < (__s32)tp->rttvar)
when = tp->rttvar;
- tcp_reset_xmit_timer(sk, TCP_TIME_RETRANS, when);
+ tcp_reset_xmit_timer(sk, TCP_TIME_RETRANS, min(when, TCP_RTO_MAX));
}
}
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
Please read the FAQ at http://www.tux.org/lkml/
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: ip_conntrack locks up hard on 2.4.0 after about 10 hours
2001-01-06 15:37 ip_conntrack locks up hard on 2.4.0 after about 10 hours safemode
2001-01-06 15:51 ` safemode
2001-01-06 23:29 ` David S. Miller
@ 2001-01-07 11:27 ` Rusty Russell
2 siblings, 0 replies; 4+ messages in thread
From: Rusty Russell @ 2001-01-07 11:27 UTC (permalink / raw)
To: safemode; +Cc: linux-kernel
In message <3A573BD2.C7F7771F@voicenet.com> you write:
> It seems that for one reason or another, ip_conntrack totally locks (not
> removeable) after about 10 hours of continued use. All i found were
> these messages in my dmesg output
What was the contents of /proc/net/ip_conntrack?
Being unremovable can happen if someone is holding a packet, which the
below fix (by Xuan Baldauf) will often alleviate, but connection
tracking doesn't DROP packets (NAT and packet filtering do).
Hope that helps,
Rusty.
--
http://linux.conf.au The Linux conference Australia needed.
diff -urN -I \$.*\$ -X /tmp/kerndiff.RnRDbE --minimal linux-2.4.0-test13-3/net/ipv4/ip_input.c working-2.4.0-test13-3/net/ipv4/ip_input.c
--- linux-2.4.0-test13-3/net/ipv4/ip_input.c Tue Dec 12 14:28:06 2000
+++ working-2.4.0-test13-3/net/ipv4/ip_input.c Mon Dec 18 17:07:06 2000
@@ -225,6 +225,13 @@
nf_debug_ip_local_deliver(skb);
#endif /*CONFIG_NETFILTER_DEBUG*/
+#ifdef CONFIG_NETFILTER
+ /* Free reference early: we don't need it any more, and it may
+ hold ip_conntrack module loaded indefinitely. */
+ nf_conntrack_put(skb->nfct);
+ skb->nfct = NULL;
+#endif /*CONFIG_NETFILTER*/
+
/* Point into the IP datagram, just past the header. */
skb->h.raw = skb->nh.raw + iph->ihl*4;
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
Please read the FAQ at http://www.tux.org/lkml/
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2001-01-07 23:38 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2001-01-06 15:37 ip_conntrack locks up hard on 2.4.0 after about 10 hours safemode
2001-01-06 15:51 ` safemode
2001-01-06 23:29 ` David S. Miller
2001-01-07 11:27 ` Rusty Russell
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox