2012/2/28 Steve Wills <swills_at_freebsd.org>: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On 02/27/12 10:53, Łukasz Wąsikowski wrote: >> W dniu 2012-02-22 23:31, Bjoern A. Zeeb pisze: >> >>> You cannot ship that on by default for non-tecnical reasons in a >>> kernel. Please do not commit a kernel config that can be booted >>> (no LINT cannot be booted) with these on without consulting >>> appropriate hats upfront. >>> >>> >>>> - ALTQ - SW_WATCHDOG - QUOTA - IPSTEALTH (disabled in >>>> loader.conf) - IPFIREWALL_FORWARD (touches every packet, power >>>> users which need a bigger PPS but not this feature can >>>> recompile the kernel, discussed with julian_at_) - FLOWTABLE >>>> (disabled in loader.conf) >>> Which is not the same as it's not 100% disabled and will still >>> allocate memory. >> >> FLOWTABLE on 8.x crashed BGP routers (kern/144917). I don't know if >> it is fixed by now, but this kind of potential problematic features >> should not be enabled by default. >> > > Agree, I've run into problems with FLOWTABLE (with just the features > that were enabled by default in 8.0) when routers changed MAC > addresses. As far as I understand it, FLOWTABLE is both broken and > abandoned (but if I'm wrong, please let me know). > > So, IMHO, not only should it not be enabled by default, but given that > it was disabled complete in 8.x after 8.0 (too lazy to look at exactly > when right now), I think it shouldn't even be included, since that > might encourage users to try it out only to encounter problems with it. > > Steve > Definitely yes, I'd some problems too with FLOWTABLE running for router. So I have to disabled in kernel and sysctl. Rgds, -- Lasta YaniReceived on Tue Feb 28 2012 - 09:01:32 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:40:24 UTC