[tproxy] sockref leak problem

Balazs Scheidler bazsi at balabit.hu
Wed Jun 20 11:11:55 CEST 2007


On Tue, 2007-06-12 at 11:21 +0800, Daniel wrote:
> >>On Sun, 2007-06-10 at 20:25 +0800, Daniel wrote:
> >> hi,
> >> 
> >> Recently I tested tproxy with Avanlanche (about 800M/s stress) and some result below:
> >> 
> >> 1. deadlock when ip_conntrack_ftp loaded. Plz see my last post and explaination from Balazs Scheidler.
> >> 2. I tested again without nat_reservation(deadlock disappeared). After 10 hours' stress test, kernel kept giving out exactly the same messages repeatedly:
> >> 
> >> IP_TPROXY: socket already assigned, reuse=1, 0a0ba8c0:4c86, sr->faddr=e80ba8c0:0000, flags=10000, sr->tv_hashed=1181425010:475244912
> >> 
> >> My questions:
> >>   Is this sockref leaked?
> >>   and, what is the situation when a sockref is leaked?
> >
> >can you tell me your kernel/tproxy version?
> >
> >The error message above means that the application tries to an address
> >that already is in the tproxy hash table (e.g. which was allocated
> >before). This should never happen, as this would indicate that
> >you have two sockets bound to the same local ip:port
> >
> >The details of the already registered entry is included in the log
> >message.
> >
> >The conflicting local address is 192.168.11.10:34380 and you wanted to
> >assign 192.168.11.232 with a random port (0 port).
> >
> >Your flags has ITP_ONCE set, and nothing else, and the entry in the
> >table was registered at 1181425010.475 secs after the UNIX epoch.
> >
> >A minor note:
> >* ITP_ONCE was removed from the latest versions of tproxy, you should
> >not use that (I don't think removing that would help in your case
> >however)
> >
> >Please give me the exact versions you are testing with.
> >
> >
> >
> >-- 
> >Bazsi
> >
> >
> Sorry about my last encoded email.
> 
> I use tproxy-2.0.1 and kernel 2.6.9 and a http proxy, and I cann't move forward to new 
> versions for some reason.
> 
> 
> Today when I stop stress and check /proc/net/tproxy later, I found 3 entries always there:
> cat /proc/net/tproxy 
> 00006 470ba8c0:0000 0a0ba8c0:0581 00000000:0000 00010000 00000 000001 1181498811:997708128
> 00006 700ba8c0:0000 0a0ba8c0:5a9e 00000000:0000 00010000 00000 000001 1181489066:124306088
> 00006 e80ba8c0:0000 0a0ba8c0:4c86 00000000:0000 00010000 00000 000001 1181425010:475244912

The process which opened these sockets were killed or is it still
running?

-- 
Bazsi



More information about the tproxy mailing list