From toasty@dreams.dragondata.com  Thu Feb  4 10:28:10 1999
Received: from dreams.dragondata.com (oven.dragondata.com [204.137.237.253] (may be forged))
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id KAA28470
          for <FreeBSD-gnats-submit@freebsd.org>; Thu, 4 Feb 1999 10:28:09 -0800 (PST)
          (envelope-from toasty@dreams.dragondata.com)
Received: (from toasty@localhost)
	by dreams.dragondata.com (8.9.1/8.9.1) id MAA03181;
	Thu, 4 Feb 1999 12:29:07 -0600 (CST)
	(envelope-from toasty)
Message-Id: <199902041829.MAA03181@dreams.dragondata.com>
Date: Thu, 4 Feb 1999 12:29:07 -0600 (CST)
From: toasty@dragondata.com
Reply-To: toasty@dragondata.com
To: FreeBSD-gnats-submit@freebsd.org
Subject: Heavy traffic renders FreeBSD acting as firewall unusable
X-Send-Pr-Version: 3.2

>Number:         9910
>Category:       kern
>Synopsis:       Heavy traffic renders FreeBSD acting as firewall unusable
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Feb  4 10:30:00 PST 1999
>Closed-Date:    Tue Dec 28 23:39:21 PST 1999
>Last-Modified:  Tue Dec 28 23:39:51 PST 1999
>Originator:     Kevin Day
>Release:        FreeBSD 3.0-RELEASE i386
>Organization:
DragonData Internet Services
>Environment:


FreeBSD 3.0-RELEASE system positioned between my router and my switch,
acting as a firewall, using ipfw.

FreeBSD 3.0-RELEASE #3: Thu Nov 26 01:53:51 CST 1998
    toasty@dreams.dragondata.com:/usr/src/sys/compile/DREAMS
Timecounter "i8254"  frequency 1193182 Hz  cost 3912 ns
Timecounter "TSC"  frequency 200455820 Hz  cost 124 ns
CPU: Pentium/P54C (200.46-MHz 586-class CPU)
  Origin = "GenuineIntel"  Id = 0x52c  Stepping=12
  Features=0x1bf<FPU,VME,DE,PSE,TSC,MSR,MCE,CX8>
real memory  = 67108864 (65536K bytes)
avail memory = 62947328 (61472K bytes)
Probing for devices on PCI bus 0:
chip0: <VIA 82C597 (Apollo VP3) system controller> rev 0x04 on pci0.0.0
chip1: <PCI to PCI bridge (vendor=1106 device=8598)> rev 0x00 on pci0.1.0
chip2: <VIA 82C586 PCI-ISA bridge> rev 0x41 on pci0.7.0
ide_pci0: <VIA 82C586x (Apollo) Bus-master IDE controller> rev 0x06 on pci0.7.1
chip3: <VIA 82C586B USB host controller> rev 0x02 int d irq 11 on pci0.7.2
chip4: <VIA 82C586B ACPI interface> rev 0x10 on pci0.7.3
xl0: <3Com 3c905B Fast Etherlink XL 10/100BaseTX> rev 0x24 int a irq 10 on pci0.8.0
xl0: Ethernet address: 00:10:4b:74:fc:cb
xl0: autoneg not complete, no carrier (forcing half-duplex, 10Mbps)
fxp0: <Intel EtherExpress Pro 10/100B Ethernet> rev 0x05 int a irq 12 on pci0.9.0
fxp0: Ethernet address 00:a0:c9:e5:5c:ad
de0: <Digital 21140A Fast Ethernet> rev 0x22 int a irq 5 on pci0.10.0
de0: 21140A [10-100Mb/s] pass 2.2
de0: address 00:40:05:41:d3:32
vga0: <S3 968 graphics accelerator> rev 0x00 int a irq 9 on pci0.11.0

bash-2.02$ ifconfig -a
xl0: flags=8842<BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        ether 00:10:4b:74:fc:cb 
        media: 10baseT/UTP <half-duplex> (autoselect)
        supported media: autoselect 100baseTX <full-duplex> 100baseTX <half-duplex> 100baseTX 10baseT/UTP <full-duplex> 10baseT/UTP <half-duplex> 10baseT/UTP
fxp0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        inet 204.137.237.240 netmask 0xffffff00 broadcast 204.137.237.255
        inet 205.253.12.240 netmask 0xffffff00 broadcast 205.253.12.255
        inet 204.137.237.151 netmask 0xffffffff broadcast 204.137.237.151
        ether 00:a0:c9:e5:5c:ad 
        media: autoselect
        supported media: autoselect 100baseTX <full-duplex> 100baseTX 10baseT/UTP <full-duplex> 10baseT/UTP
de0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        inet 204.137.237.253 netmask 0xfffffffc broadcast 204.137.237.255
        inet 205.253.12.253 netmask 0xfffffffc broadcast 205.253.12.255
        ether 00:40:05:41:d3:32 
        media: autoselect (10baseT/UTP) status: active
        supported media: autoselect 100baseTX <full-duplex> 100baseTX 10baseT/UTP <full-duplex> 10baseT/UTP

>Description:

We had a user run the program 'bmb' (available from rootshell, I believe)
directed at a dialup user on another ISP. This program sends packets as
quickly as possible to an address given.

While the server sending the packets was fine (had a load average of .80,
but otherwise no problems), the router was fine (showed about 2MB/sec coming
into its ethernet address) but the firewall wasn't.


Internet <-- Router <-- de0 <- (firewall) -> fxp0 --> switch --> lan

Pinging/telnetting to the address on the fxp0 interface got no response, from
either side of the network.

I got ping responses on the de0 interface address from both the internet
and the lan, a telnet would connect, but I'd never get a login response.

After figuring out what was going on, I killed the program, and everything
returned to normal. The load average on the firewall was still 0.00, 0.00,
0.00 (I know that a lot of what would have been going on was in the kernel
though)

No errors were generated, and I got no clues as to what was happening. The
system was also unresponsive to the console during this. A case of too many
interrupts, perhaps?

>How-To-Repeat:

Try 'bmb' through a firewall system

>Fix:
	

>Release-Note:
>Audit-Trail:

From: Kevin Day <toasty@dragondata.com>
To: FreeBSD-gnats-submit@FreeBSD.org
Cc:  
Subject: Re: kern/9910
Date: Tue, 28 Dec 1999 02:47:55 -0600 (CST)

 I believe this was a case of livelock caused by the 'de0' device. I've since
 run into this again, replaced the de0 with an fxp0 card, and can't make it
 happen again.
 
 While this may be a software bug, I'm leaning more towards the de0 card
 spazzing out at 100MB/sec of tiny packets.
 
 Unless anyone wants to keep this open for more investigation, I believe it
 can be closed.
 
 Kevin
 
State-Changed-From-To: open->closed 
State-Changed-By: steve 
State-Changed-When: Tue Dec 28 23:39:21 PST 1999 
State-Changed-Why:  
Originator requested that this be closed. 
>Unformatted:
