Hi all,
  I was in the process of replacing an old PIX 515 with a couple of new
OBSD 3.5 boxes with all the great new features enabled, for instance
CARP and pfsync.
CARP is intended to be used in preempt mode.
The main box is a Pentium IV 3.2 with 2G RAM, a RAID-1 SCSI adapter and
10 em(4) network cards (I can post the dmesg if interested).
After installing 3.5-release I've taken the OS to -stable as described
on openbsd.org/stable.html.
All was as smooth as possible until, after setting everything up (carp,
pfsync, pf), I tested the box (with almost no load) connected to the
LAN; then came the kernel warning:
"/bsd: WARNING: mclpool limit reached; increase NMBCLUSTERS"

The kernel is GENERIC.

Digging through the ML archives, I've charged the em(4) NICs as guilty
of the problem for their heavy use of mbufs. I've also seen some
developers suggest moving to -current as a solution, as there are
a lot of "huge improvements" in the kernel area managing mbufs, so I've
taken today's available snapshot (files dated 19/08), backed up all my
configs, installed the snapshot from scratch and put all my configs
online again. Something seems to have changed... for the better.

Now, with everything enabled on the box but only one NIC connected to
the LAN (used as a source to install from ports), I got
from netstat -m:
1898 mbufs in use:
        1869 mbufs allocated to data
        26 mbufs allocated to packet headers
        3 mbufs allocated to socket names and addresses
1792/1822/6144 mbuf clusters in use (current/peak/max)
4164 Kbytes allocated to network (97% in use)
0 requests for memory denied
0 requests for memory delayed
78 calls to protocol drain routines

from vmstat -m:
Memory Totals:  In Use    Free    Requests
                 1620K     77K      268864
--- snippet ---
bufpl        116       10    0       10     1     0     1     1     0     8    1
mbpl         256   502411    0   500442   211    81   130   132     1     8    6
mclpl       2048   155319    4   153527   911     0   911   911     4  3072   14
sockpl       200      397    0      381     1     0     1     1     0     8    0
--- snippet ---

Before, with 3.5-stable, the mbufs from netstat -m were always growing
until the warning; now they are stable at that level (the box is under
no load at all).

From what I can see, I'm going to deploy this box with the 19/08
snapshot (3.6-beta), but I would like to know how to track future
enhancements, especially security enhancements, and whether there are
any special hints you would like to give me. Thanks!
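
An added example, not part of the original post: a small check that reads
netstat -m output in the format quoted above and warns before the cluster
pool reaches its maximum. The function names mcl_report and mcl_check and
the 80% threshold are assumptions chosen for illustration.

```shell
#!/bin/sh
# Constructed sample: netstat -m lines as quoted in the post above.
SAMPLE='1898 mbufs in use:
1792/1822/6144 mbuf clusters in use (current/peak/max)
4164 Kbytes allocated to network (97% in use)
0 requests for memory denied
0 requests for memory delayed'

# mcl_report: read `netstat -m` text on stdin and print
# "current peak max peak_pct denied" (peak_pct = peak clusters as % of max).
mcl_report() {
    awk '
        / mbuf clusters in use/ {
            split($1, c, "/")            # field is current/peak/max
            cur = c[1]; peak = c[2]; max = c[3]; seen = 1
        }
        / requests for memory denied/ { denied = $1 }
        END {
            if (!seen || max == 0) exit 2    # format not recognised
            printf "%d %d %d %d %d\n", cur, peak, max, int(peak * 100 / max), denied
        }'
}

# mcl_check LIMIT: return 0 if healthy, 1 if peak usage >= LIMIT percent
# or any allocation request was denied, 2 if the input could not be parsed.
mcl_check() {
    limit=$1                             # hypothetical threshold, in percent
    report=$(mcl_report) || return 2
    set -- $report                       # $1..$5 = cur peak max pct denied
    if [ "$4" -ge "$limit" ] || [ "$5" -gt 0 ]; then
        echo "WARN: mbuf clusters peak $2/$3 ($4%), denied=$5"
        return 1
    fi
    echo "OK: mbuf clusters peak $2/$3 ($4%), denied=$5"
    return 0
}

# Run against the sample; on the firewall itself: netstat -m | mcl_check 80
printf '%s\n' "$SAMPLE" | mcl_check 80
```

Run from cron on each firewall, a non-zero exit gives early notice that
the pool is filling, before the kernel logs the mclpool warning.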



