Gleb Smirnoff wrote: > Let me give you link to my branch of pf: > > http://lists.freebsd.org/pipermail/freebsd-pf/2012-June/006643.html > http://lists.freebsd.org/pipermail/freebsd-pf/2012-June/006662.html > > In that branch the code that puts the "reverse" pointer on state keys, > as well as the m_addr_changed() function and the pf_compare_state_keys() > had been cut away. > > So, this exact bug definitely can't be reproduced there. However, others > may hide in :) Thanks. I'll be able to work on this next week. My system is pretty similar to yours - 16 cores, full BGP RIB, 20+ VLANs + CARP on 4*bce(4), PF+Sync, 400k+ states, NAT, tables, anchors etc. The complication is that the production system is on 8 and the pfsync is incompatible with 9 and CURRENT. And, 9/CURRENT is unuseable for me as a backup without this fix because of the state mismatch rate. Ian -- Ian FreislichReceived on Sat Aug 11 2012 - 08:02:55 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:40:29 UTC