Mysterious Freezes

Yesterday both of my EPIA routers running FreeBSD 5-STABLE freezed. After I rebooted them i updated the world because a lot of bugs have been fixed in the last month, but today the Firewall EPIA freezed again 🙁
Both times I was not at home, so i don’t know if something mysterious happend. My other Systems didn’t crash, so it can’t be a powerfailure, and heating problems are very unlikely as there are -3�C outside and around 18�C inside.
I have now built a debug kernel on the firewall and additional disabled SACK TCP and the MPsafe network subsystem.
I hope this increases the stability, that i don’t have to reenable the old gateway running FreeBSD 4-STABLE (which btw last week hit the 300 days uptime mark) for the chrismas holidays.
If you have any other ideas how to increase stability, please let me know.

8 thoughts on “Mysterious Freezes”

  1. hate to say that – maybe a change to OpenBSD/pf would help.

  2. Well switching to PF is a tempting option, as I would really like to try CARP.
    But i doubt that IPF is the reason of the problem, it has been working without a problem for years.
    And OpenBSD, hm…….

  3. come on arved … try it *eg* …
    easy it is, the path to the dark side of the force … hrhr
    there are of course other features at openbsd, as the rule optimization, pfauth (very nice) and spamd which you should give a try.

  4. Well I am not really interested in spamd, as I have only one IP, where i need to run sendmail, but pfauth might be nice for the wlan.
    I will put an item on my TODO list, “Install OpenBSD on Polly”, but i don’t really have the time to play with another Operating System in the next months.

  5. spamd (OpenBSDs Spam Tarpit) doesn�t depend on wether you got one IP or not. it�s feeded by pf via a blacklist and simply slows down the sending mta by faking a slow SMTP “handshake” – this can slow down spammers mta hardly – and just costs you one port.
    Daniel Hartmeier wrote nice stuff:
    worth to check out, it�s read in 5 minutes and actually _figths_ spam (I don�t consider filtering as figthing ;))

  6. Do you have any experience, how much traffic it costs?
    I can’t spend any traffic for fighting spammers, as my ADSL account has no spare bandwith.
    BTW dhartmei’s page says, all feature have been ported to FreeBSD, so it is not necessary to install OpenBSD 🙂

  7. a few bytes just for the slow handshake; if you can afford running your mailserver via ADSL, you can afford not getting spam mails. if you just filter them via spamassassin, you�ll have definitly more bandwith usage than just slowing down the other MTA by _not_ taking it (and not telling hime, you (spamd) are no MTA) …
    spamd is just claiming to be a MTA, it�ll never process any mail.
    Oh, I thought you wanted to give openbsd a try 😉

  8. I finally got a backtrace from the panic the panic that occured once a week since December.
    panic: m_copydata, length > size of mbuf chain
    KDB: enter: panic
    [thread pid 27 tid 100021 ]
    Stopped at kdb_enter+0x2b: nop
    db> where
    Tracing pid 27 tid 100021 td 0xc107f190
    kdb_enter(c06b8a22) at kdb_enter+0x2b
    panic(c06be9b5,1,c2213340,c2213300,ca8a8b34) at panic+0xbb
    m_copydata(c123a600,0,38,c2213340,0) at m_copydata+0x66
    ipllog(0,ca8a8be0,ca8a8b68,ca8a8b60,ca8a8b58) at ipllog+0x1f1
    ipflog(19,c123a650,ca8a8be0,c123a600,0) at ipflog+0x18f
    fr_check(c123a650,14,c1120000,0,ca8a8c88) at fr_check+0xc6c
    fr_check_wrapper(0,ca8a8c88,c1120000,1,0) at fr_check_wrapper+0x2a
    pfil_run_hooks(c074a000,ca8a8cd4,c1120000,1,0) at pfil_run_hooks+0xbd
    ip_input(c123a600) at ip_input+0x231
    netisr_processqueue(c0749298) at netisr_processqueue+0x6e
    swi_net(0) at swi_net+0x88
    ithread_loop(c1074500,ca8a8d48,c1074500,c050f198,0) at ithread_loop+0x124
    fork_exit(c050f198,c1074500,ca8a8d48) at fork_exit+0xa4
    fork_trampoline() at fork_trampoline+0x8
    So maybe I should really switch to PF. But first lets see if someone on the FreeBSD Mailinglist knows a solution.

Comments are closed.