From nobody@FreeBSD.org  Wed Jun 29 14:46:16 2011
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 2331D106564A
	for <freebsd-gnats-submit@FreeBSD.org>; Wed, 29 Jun 2011 14:46:16 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from red.freebsd.org (red.freebsd.org [IPv6:2001:4f8:fff6::22])
	by mx1.freebsd.org (Postfix) with ESMTP id 12BA08FC13
	for <freebsd-gnats-submit@FreeBSD.org>; Wed, 29 Jun 2011 14:46:16 +0000 (UTC)
Received: from red.freebsd.org (localhost [127.0.0.1])
	by red.freebsd.org (8.14.4/8.14.4) with ESMTP id p5TEkF2X058093
	for <freebsd-gnats-submit@FreeBSD.org>; Wed, 29 Jun 2011 14:46:15 GMT
	(envelope-from nobody@red.freebsd.org)
Received: (from nobody@localhost)
	by red.freebsd.org (8.14.4/8.14.4/Submit) id p5TEkFeA058092;
	Wed, 29 Jun 2011 14:46:15 GMT
	(envelope-from nobody)
Message-Id: <201106291446.p5TEkFeA058092@red.freebsd.org>
Date: Wed, 29 Jun 2011 14:46:15 GMT
From: Martin Laabs <spamtrap@martinlaabs.de>
To: freebsd-gnats-submit@FreeBSD.org
Subject: gssd generate much network traffic and led to kernel panic
X-Send-Pr-Version: www-3.1
X-GNATS-Notify:

>Number:         158432
>Category:       kern
>Synopsis:       [panic] gssd(8) generate much network traffic and led to kernel panic
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Wed Jun 29 14:50:08 UTC 2011
>Closed-Date:    
>Last-Modified:  Fri Jul  1 20:00:19 UTC 2011
>Originator:     Martin Laabs
>Release:        8.2-STABLE
>Organization:
non
>Environment:
FreeBSD pc.martinlaabs.de 8.2-STABLE FreeBSD 8.2-STABLE #1: Mon Jun  6 13:52:51 CEST 2011     martin@pc.martinlaabs.de:/usr/obj/usr/src/sys/PC_KERNEL  i386

>Description:
The /home directory is mounted via nfs (krbos-secured), IPv6 from the server. Sometimes, and repeatable after starting openoffice gssd produces much network traffic and i am unable to do a "ls" in my home directory. However all file operation and also a "ls" in subdirectories work.
In this state gssd took also lot of CPU power. When stopping or restarting gssd the kernel panics. 

The following nfs related is enabled in my rc.conf file (client side)

nfsuserd_enable="YES"
nfscbd_enable="YES"
nfs_client_enable="YES"
gssd_enable="YES"
rpc_lockd_enable="YES"
rpc_statd_enable="YES"
rpcbind_enable="yes"             # Run the portmapper service (YES/NO).
rpcbind_flags="-i"                # Flags to rpcbind (if enabled).

>How-To-Repeat:
Set up a IPv6 network with kerberos authentification. Enable the NFS server option on this server, put the following line into the /etc/exports

/usr/home  -sec=krb5p <host list>

Mount the directory on a client machine o /home i.e. by putting 

server:/usr/home        /home        nfs   rw       0       0

in your /etc/fstab file and mount /home.

Now start openoffice 3.3.0 and watch the network traffic. When it runs to maximum of you network short after stop the gssd daemon.
>Fix:


>Release-Note:
>Audit-Trail:

From: Martin Laabs <info@martinlaabs.de>
To: bug-followup@FreeBSD.org, spamtrap@martinlaabs.de
Cc:  
Subject: Re: kern/158432: [panic] gssd(8) generate much network traffic and
 led to kernel panic
Date: Fri, 01 Jul 2011 21:38:34 +0200

 Hello,
 
 while in the state gssd generate much network traffic the following 
 messages are written into the /var/heimdal/kdc.log about 150 times a second:
 
 2011-07-01T18:59:23 Failed parsing TGS-REQ from IPv6:2001:xxx:xxx::2
 2011-07-01T18:59:23 Failed to verify AP-REQ: Ticket expired
 
 Best Regards,
   Martin L.
 
>Unformatted:
