[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Scrub and Kernel Panics



On Fri, 2002-11-15 at 05:26, Daniel Hartmeier wrote:
> On Fri, Nov 15, 2002 at 02:37:28AM -0500, Jason Dixon wrote:
> 
> > Is "pool exhaustion" equatable to "memory exhaustion"?  If that's the
> > case, that is definitely *not* what I'm experiencing.  The box has
> > plenty of available memory and CPU.  It's busy cranking away with a 5k
> > frag limit, when it will simply panic.  If you'd like me to provide some
> > of the error messages, I'll be happy to.  They always refer to some sort
> > of packet normalization code (ip_norm?), usually a pointer error.
> 
> No, if you set both fragment and state limits to sane values for your
> amount of available RAM (try 65k for both, to be sure) you should never
> get a pf related panic. Can you send me some ddb> trace outputs? What
> version are you using, can you try to reproduce the panic with -current?
Set both to 65k, works great.  The state limit shouldn't have had any
affect, as igmp is being blocked quick anyways.  Why does *increasing*
the frag limit help here?  I would assume (I'm an idiot, mind you) that
lowering the limit would keep the pool safe.  
Still running -stable, fwiw.
-J.