[tproxy] Re: tproxy Digest, Vol 24, Issue 4
Lior Dotan
liodot at gmail.com
Tue Jun 12 17:33:08 CEST 2007
Hi,
I'm having the same problem with sockref leak with tproxy 2.0.6
running on kernel 2.4.33, with nat reservation patch applied.
> Date: Tue, 12 Jun 2007 11:21:17 +0800
> From: "Daniel" <tooldcas at 163.com>
> Subject: Re: Re: [tproxy] sockref leak problem
> To: "tproxy" <tproxy at lists.balabit.hu>
> Message-ID: <200706121121174100198 at 163.com>
> Content-Type: text/plain; charset="gb2312"
>
>
> >>On Sun, 2007-06-10 at 20:25 +0800, Daniel wrote:
> >> hi,
> >>
> >> Recently I tested tproxy with Avanlanche (about 800M/s stress) and some result below:
> >>
> >> 1. deadlock when ip_conntrack_ftp loaded. Plz see my last post and explaination from Balazs Scheidler.
> >> 2. I tested again without nat_reservation(deadlock disappeared). After 10 hours' stress test, kernel kept giving out exactly the same messages repeatedly:
> >>
> >> IP_TPROXY: socket already assigned, reuse=1, 0a0ba8c0:4c86, sr->faddr=e80ba8c0:0000, flags=10000, sr->tv_hashed=1181425010:475244912
> >>
> >> My questions:
> >> Is this sockref leaked?
> >> and, what is the situation when a sockref is leaked?
> >
> >can you tell me your kernel/tproxy version?
> >
> >The error message above means that the application tries to an address
> >that already is in the tproxy hash table (e.g. which was allocated
> >before). This should never happen, as this would indicate that
> >you have two sockets bound to the same local ip:port
> >
> >The details of the already registered entry is included in the log
> >message.
> >
> >The conflicting local address is 192.168.11.10:34380 and you wanted to
> >assign 192.168.11.232 with a random port (0 port).
> >
> >Your flags has ITP_ONCE set, and nothing else, and the entry in the
> >table was registered at 1181425010.475 secs after the UNIX epoch.
> >
> >A minor note:
> >* ITP_ONCE was removed from the latest versions of tproxy, you should
> >not use that (I don't think removing that would help in your case
> >however)
> >
> >Please give me the exact versions you are testing with.
> >
> >
> >
> >--
> >Bazsi
> >
> >
> Sorry about my last encoded email.
>
> I use tproxy-2.0.1 and kernel 2.6.9 and a http proxy, and I cann't move forward to new
> versions for some reason.
>
>
> Today when I stop stress and check /proc/net/tproxy later, I found 3 entries always there:
> cat /proc/net/tproxy
> 00006 470ba8c0:0000 0a0ba8c0:0581 00000000:0000 00010000 00000 000001 1181498811:997708128
> 00006 700ba8c0:0000 0a0ba8c0:5a9e 00000000:0000 00010000 00000 000001 1181489066:124306088
> 00006 e80ba8c0:0000 0a0ba8c0:4c86 00000000:0000 00010000 00000 000001 1181425010:475244912
>
> Maybe I missed some important fix?
>
> Thanks for your quick reply.
>
> ¡¡¡¡¡¡¡¡¡¡¡¡¡¡¡¡Daniel
> ¡¡¡¡¡¡¡¡¡¡¡¡¡¡¡¡tooldcas at 163.com
> ¡¡¡¡¡¡¡¡¡¡¡¡¡¡¡¡¡¡¡¡2007-06-12
More information about the tproxy
mailing list