[tproxy] sockref leak problem
Balazs Scheidler
bazsi at balabit.hu
Sun Jun 10 21:44:18 CEST 2007
On Sun, 2007-06-10 at 20:25 +0800, Daniel wrote:
> hi,
>
> Recently I tested tproxy with Avanlanche (about 800M/s stress) and some result below:
>
> 1. deadlock when ip_conntrack_ftp loaded. Plz see my last post and explaination from Balazs Scheidler.
> 2. I tested again without nat_reservation(deadlock disappeared). After 10 hours' stress test, kernel kept giving out exactly the same messages repeatedly:
>
> IP_TPROXY: socket already assigned, reuse=1, 0a0ba8c0:4c86, sr->faddr=e80ba8c0:0000, flags=10000, sr->tv_hashed=1181425010:475244912
>
> My questions:
> Is this sockref leaked?
> and, what is the situation when a sockref is leaked?
can you tell me your kernel/tproxy version?
The error message above means that the application tries to an address
that already is in the tproxy hash table (e.g. which was allocated
before). This should never happen, as this would indicate that
you have two sockets bound to the same local ip:port
The details of the already registered entry is included in the log
message.
The conflicting local address is 192.168.11.10:34380 and you wanted to
assign 192.168.11.232 with a random port (0 port).
Your flags has ITP_ONCE set, and nothing else, and the entry in the
table was registered at 1181425010.475 secs after the UNIX epoch.
A minor note:
* ITP_ONCE was removed from the latest versions of tproxy, you should
not use that (I don't think removing that would help in your case
however)
Please give me the exact versions you are testing with.
--
Bazsi
More information about the tproxy
mailing list