On 2/29/2012 6:01 PM, Steve Wills wrote:
> On 02/29/12 13:17, K. Macy wrote:
>> .
>>>
>>> I tried it, on both FreeBSD routers, web systems, and database
>>> servers; all on 8.2+. It still causes massive instability.
>>> Disabling the sysctl, and/or removing it from the kernel solved
>>> the problems.
>
>> Routing I can believe, but I'm wondering how close attention you
>> paid to the workload. There are CDN networks with high uptimes and
>> shipping firewall products that use flowtable, so your mention of
>> web systems forces makes me ask for specifics.
>
>
> The failure I experienced was with web servers running 8.0 behind a F5
> load balancer in an HA setup. Whenever the failover happened, the web
> servers would continue sending to the wrong MAC address, despite the
> arp table updating. Disabling flowtable via the sysctl solved the
> problem. Maybe Doug's failure was similar, maybe not, but I thought
> I'd throw my $0.02 in.
Yes, that was part of it. On the web and db systems we had what I can
only describe as "general wackiness" with systems suddenly becoming
unreachable, etc. This was with a moderately complex network setup with
a combination of different VLANs, multiple interfaces, etc. The FreeBSD
routers would just plain panic on a semi-regular interval. Removing
flowtable made all this go away, and we've been quite stable since then.
hth,
Doug
--
This .signature sanitized for your protection