resident_k Posted January 27, 2013 Posted January 27, 2013 Иногда один из процессов ng_queue выжирает до 100% одного из CPU при этом у абонентов вырастаю пинги и скорость падает до 1Мбит/с!!!! Тарифные пакеты у абонентов от 8Мбит/с до 80 Мбит/с. СборканаUSBFlash (class10) На сервере терминируется PPtPдо 1500 пользователей при этом прокачивается трафик порядка 800Мбит/с! FreeBSD9.0+IPFW+MPD5.6+BGP Сетевая плата: Intel Gigabit i350-T4 Quad Port Дравердлясетевойплаты: Intel® PRO/1000 Network Connection version - 2.3.7 (последняяверсия) ИспользуетсяLACP: igb0+igb1=lagg1 (Интернет) и igb2+igb3=lagg2 (Локальнаясеть) FreeBSD 9.0-RELEASE-p5 #0 r240161M: Thu Dec 20 00:19:15 EET 2012 (amd64) CPU: Intel® Xeon® CPU E5-2620 0 @ 2.00GHz (2000.04-MHz K8-class CPU) Origin = "GenuineIntel" Id = 0x206d7 Family = 6 Model = 2d Stepping = 7 FreeBSD/SMP: Multiprocessor System Detected: 12 CPUs cat /boot/loader.conf: if_igb_load="YES" net.inet.tcp.tcbhashsize=4096 # netgraph queue sizes tuning, see vmstat -z|egrep 'ITEM|NetGraph' net.graph.maxdata=65536 net.graph.maxalloc=65536 # default outgoing interface queue length # used by lagg etc. net.link.ifqmaxlen=10240 net.inet.tcp.syncache.bucketlimit=100 net.isr.defaultqlimit=4096 kern.ipc.nsfbufs=10240 kern.ipc.nmbclusters="655356" hw.clflush_disable=1 hw.igb.num_queues="4" hw.igb.enable_aim=0 hw.igb.rxd=4096 hw.igb.txd=4096 hw.em.rxd=4096 hw.em.txd=4096 hw.igb.rx_process_limit=4096 hw.em.rx_process_limit=4096 hw.em.fc_setting=0 hw.em.rx_int_delay=200 hw.em.tx_int_delay=200 hw.em.rx_abs_int_delay=4000 hw.em.tx_abs_int_delay=4000 # менялиnet.isr.numthreadsиnet.isr.maxthreadsдомаксимума (12) результат тот же. net.isr.numthreads=1 net.isr.maxthreads=1 kern.ipc.nsfbufs=10240 sysctl -a | grepisr: net.isr.numthreads: 1 net.isr.maxprot: 16 net.isr.defaultqlimit: 4096 net.isr.maxqlimit: 10240 net.isr.bindthreads: 0 net.isr.maxthreads: 1 net.isr.direct: 0 net.isr.direct_force: 0 net.isr.dispatch: deferred net.route.netisr_maxqlen: 10240 netstat–m: 74570/29110/103680 mbufs in use (current/cache/total) 1/4235/4236/655356 mbuf clusters in use (current/cache/total/max) 1/2431 mbuf+clusters out of packet secondary zone in use (current/cache) 0/312/312/327680 4k (page size) jumbo clusters in use (current/cache/total/max) 74476/26075/100551/327680 9k jumbo clusters in use (current/cache/total/max) 0/0/0/81919 16k jumbo clusters in use (current/cache/total/max) 688955K/251670K/940625K bytes allocated to network (current/cache/total) 0/0/0 requests for mbufs denied (mbufs/clusters/mbuf+clusters) 0/0/0 requests for jumbo clusters denied (4k/9k/16k) 0/0/0 sfbufs in use (current/peak/max) 0 requests for sfbufs denied 0 requests for sfbufs delayed 0 requests for I/O initiated by sendfile 0 calls to protocol drain routines vmstat -z|egrep 'ITEM|NetGraph': ITEM SIZE LIMIT USED FREE REQ FAIL SLEEP NetGraph items: 72, 65540, 477, 2017,24491641823, 0, 0 NetGraph data items: 72, 65540, 2, 26504,43335910116, 0, 0 netstat -h 1 input (Total) output packets errsidrops bytes packets errs bytes colls 468k 0 0 329M 520k 0 371M 0 483k 0 0 345M 531k 0 385M 0 478k 0 0 340M 534k 0 387M 0 430k 0 0 302M 474k 0 339M 0 437k 0 0 305M 480k 0 344M 0 411k 0 0 285M 451k 0 319M 0 401k 0 0 274M 445k 0 312M 0 systat–v: 1 users Load 4.68 4.50 4.46 Jan 24 14:35 Mem:KB REAL VIRTUAL VN PAGER SWAP PAGER Tot Share Tot Share Free in out in out Act 206452 8380 1035328 10388 3806100 count All 1494996 9268 1074863k 17012 pages Proc: Interrupts r p d s w CswTrp Sys IntSof Flt 335 cow 114k total 29 476k 2542 27k 101k 27k 972 328 zfod acpi0 9 ozfod 13 ehci0 23 12.5%Sys 20.4%Intr 0.8%User 0.0%Nice 66.3%Idle %ozfod 1125 cpu0:timer | | | | | | | | | | | daefr 4304 igb0:que 0 ======++++++++++> 486 prcfr 7508 igb0:que 1 10 dtbuf 1248 totfr 4453 igb0:que 2 Namei Name-cache Dir-cache 173731 desvnreact 7034 igb0:que 3 Calls hits % hits % 94817 numvnpdwak igb0:link 544 544 100 43431 frevnpdpgs 6971 igb1:que 0 intrn 4656 igb1:que 1 Disks da0 pass0 1816216 wire 7200 igb1:que 2 KB/t 32.00 0.00 79968 act 4613 igb1:que 3 tps 2 0 302892 inact igb1:link MB/s 0.07 0.00 156 cache 7082 igb2:que 0 %busy 31 0 3805944 free 7412 igb2:que 1 635168 buf 7310 igb2:que 2 7099 igb2:que 3 igb2:link 6273 igb3:que 0 6786 igb3:que 1 6617 igb3:que 2 6039 igb3:que 3 igb3:link 1 em0:rx 0 1 em1:rx 0 1126 cpu1:timer 1125 cpu4:timer 1125 cpu7:timer 1125 cpu8:timer 1125 cpu5:timer 1125 cpu9:timer 1125 cpu11:time 1125 cpu2:timer 1125 cpu10:time 1125 cpu3:timer 1125 cpu6:timer Нормальный режим работы: ifconfig | grepng | grep -c UP 984 Top: lastpid: 61704; load averages: 4.30, 4.55, 4.38 up 5+09:21:25 14:25:44 146 processes: 18 running, 87 sleeping, 41 waiting CPU 0: 0.0% user, 0.0% nice, 3.4% system, 37.3% interrupt, 59.3% idle CPU 1: 0.0% user, 0.0% nice, 10.2% system, 22.0% interrupt, 67.8% idle CPU 2: 1.7% user, 0.0% nice, 10.2% system, 11.9% interrupt, 76.3% idle CPU 3: 1.7% user, 0.0% nice, 5.1% system, 32.2% interrupt, 61.0% idle CPU 4: 0.0% user, 0.0% nice, 10.2% system, 28.8% interrupt, 61.0% idle CPU 5: 0.0% user, 0.0% nice, 3.4% system, 15.3% interrupt, 81.4% idle CPU 6: 0.0% user, 0.0% nice, 15.3% system, 10.2% interrupt, 74.6% idle CPU 7: 0.0% user, 0.0% nice, 5.1% system, 18.6% interrupt, 76.3% idle CPU 8: 0.0% user, 0.0% nice, 10.2% system, 11.9% interrupt, 78.0% idle CPU 9: 1.7% user, 0.0% nice, 23.7% system, 5.1% interrupt, 69.5% idle CPU 10: 0.0% user, 0.0% nice, 16.9% system, 18.6% interrupt, 64.4% idle CPU 11: 0.0% user, 0.0% nice, 18.6% system, 6.8% interrupt, 74.6% idle Mem: 76M Active, 296M Inact, 1773M Wired, 156K Cache, 620M Buf, 3719M Free Swap: 1531M Total, 1531M Free PID USERNAME PRI NICE SIZE RES STATE C TIME WCPU COMMAND 11 root 155 ki31 0K 192K CPU9 9 108.7H 83.15% [idle{idle: cpu9}] 11 root 155 ki31 0K 192K CPU10 10 108.6H 81.15% [idle{idle: cpu10}] 11 root 155 ki31 0K 192K RUN 11 110.1H 77.10% [idle{idle: cpu11}] 11 root 155 ki31 0K 192K CPU7 7 104.5H 74.85% [idle{idle: cpu7}] 11 root 155 ki31 0K 192K RUN 8 105.9H 74.27% [idle{idle: cpu8}] 11 root 155 ki31 0K 192K RUN 1 103.8H 74.07% [idle{idle: cpu1}] 11 root 155 ki31 0K 192K CPU3 3 104.5H 73.78% [idle{idle: cpu3}] 11 root 155 ki31 0K 192K CPU0 0 95.9H 72.17% [idle{idle: cpu0}] 11 root 155 ki31 0K 192K RUN 2 100.0H 71.68% [idle{idle: cpu2}] 11 root 155 ki31 0K 192K RUN 5 102.1H 68.36% [idle{idle: cpu5}] 11 root 155 ki31 0K 192K CPU6 6 102.3H 67.77% [idle{idle: cpu6}] 11 root 155 ki31 0K 192K RUN 4 99.4H 62.79% [idle{idle: cpu4}] 12 root -72 - 0K 720K WAIT 7 46.6H 54.79% [intr{swi1: netisr 0}] 12 root -92 - 0K 720K WAIT 6 658:07 25.78% [intr{irq263: igb1:que}] 12 root -92 - 0K 720K CPU4 4 649:51 21.58% [intr{irq261: igb1:que}] 12 root -92 - 0K 720K WAIT 3 632:25 18.16% [intr{irq259: igb0:que}] 12 root -92 - 0K 720K WAIT 7 674:57 16.89% [intr{irq264: igb1:que}] 12 root -92 - 0K 720K CPU5 5 685:41 16.16% [intr{irq262: igb1:que}] 12 root -92 - 0K 720K WAIT 1 631:14 15.19% [intr{irq257: igb0:que}] 12 root -92 - 0K 720K WAIT 2 652:31 14.99% [intr{irq258: igb0:que}] 12 root -92 - 0K 720K WAIT 0 636:24 14.79% [intr{irq256: igb0:que}] 1896 root -16 - 0K 192K sleep 3 670:48 10.25% [ng_queue{ng_queue10}] 1896 root -16 - 0K 192K sleep 8 573:53 10.25% [ng_queue{ng_queue9}] 1896 root -16 - 0K 192K sleep 11 551:53 10.16% [ng_queue{ng_queue8}] 1896 root -16 - 0K 192K sleep 2 575:53 10.06% [ng_queue{ng_queue3}] 1896 root -16 - 0K 192K sleep 8 532:20 9.96% [ng_queue{ng_queue2}] 1896 root -16 - 0K 192K sleep 8 562:24 9.86% [ng_queue{ng_queue0}] 1896 root -16 - 0K 192K sleep 2 547:55 9.86% [ng_queue{ng_queue7}] 1896 root -16 - 0K 192K sleep 2 529:00 9.86% [ng_queue{ng_queue4}] 1896 root -16 - 0K 192K CPU5 2 525:28 9.86% [ng_queue{ng_queue1}] 1896 root -16 - 0K 192K sleep 10 581:29 9.77% [ng_queue{ng_queue5}] 1896 root -16 - 0K 192K sleep 2 553:10 9.77% [ng_queue{ng_queue11}] 1896 root -16 - 0K 192K sleep 8 521:01 9.57% [ng_queue{ng_queue6}] 64904 root 26 0 329M 150M select 2 71:51 8.89% /usr/local/sbin/mpd5 -p /var/run/mpd5.pid -b{mpd5} 1905 root 27 0 33996K 9184K select 6 237:09 7.08% /usr/local/sbin/zebra –d Не нормальная работа: lastpid: 68212; load averages: 4.50, 4.68, 4.56 up 5+09:40:51 14:45:10 146 processes: 16 running, 86 sleeping, 44 waiting CPU 0: 0.0% user, 0.0% nice, 5.5% system, 20.0% interrupt, 74.5% idle CPU 1: 1.8% user, 0.0% nice, 12.7% system, 12.7% interrupt, 72.7% idle CPU 2: 0.0% user, 0.0% nice, 18.2% system, 12.7% interrupt, 69.1% idle CPU 3: 0.0% user, 0.0% nice, 14.5% system, 14.5% interrupt, 70.9% idle CPU 4: 0.0% user, 0.0% nice, 7.3% system, 18.2% interrupt, 74.5% idle CPU 5: 0.0% user, 0.0% nice, 5.5% system, 16.4% interrupt, 78.2% idle CPU 6: 0.0% user, 0.0% nice, 21.8% system, 3.6% interrupt, 74.5% idle CPU 7: 0.0% user, 0.0% nice, 21.8% system, 10.9% interrupt, 67.3% idle CPU 8: 0.0% user, 0.0% nice, 14.5% system, 5.5% interrupt, 80.0% idle CPU 9: 1.8% user, 0.0% nice, 12.7% system, 3.6% interrupt, 81.8% idle CPU 10: 0.0% user, 0.0% nice, 30.9% system, 7.3% interrupt, 61.8% idle CPU 11: 0.0% user, 0.0% nice, 27.3% system, 9.1% interrupt, 63.6% idle Mem: 79M Active, 295M Inact, 1774M Wired, 156K Cache, 620M Buf, 3716M Free Swap: 1531M Total, 1531M Free PID USERNAME PRI NICE SIZE RES STATE C TIME WCPU COMMAND 1896 root -16 - 0K 192K CPU11 11 524:27 100.00% [ng_queue{ng_queue6}] 11 root 155 ki31 0K 192K CPU3 3 104.8H 79.98% [idle{idle: cpu3}] 11 root 155 ki31 0K 192K CPU2 2 100.2H 78.08% [idle{idle: cpu2}] 11 root 155 ki31 0K 192K RUN 1 104.0H 77.69% [idle{idle: cpu1}] 11 root 155 ki31 0K 192K CPU7 7 104.8H 77.59% [idle{idle: cpu7}] 11 root 155 ki31 0K 192K CPU0 0 96.1H 76.56% [idle{idle: cpu0}] 11 root 155 ki31 0K 192K CPU6 6 102.5H 74.56% [idle{idle: cpu6}] 11 root 155 ki31 0K 192K RUN 4 99.6H 74.46% [idle{idle: cpu4}] 11 root 155 ki31 0K 192K CPU10 10 108.9H 73.78% [idle{idle: cpu10}] 11 root 155 ki31 0K 192K RUN 11 110.4H 72.36% [idle{idle: cpu11}] 11 root 155 ki31 0K 192K CPU9 9 109.0H 72.07% [idle{idle: cpu9}] 11 root 155 ki31 0K 192K CPU5 5 102.3H 71.48% [idle{idle: cpu5}] 11 root 155 ki31 0K 192K CPU8 8 106.1H 64.06% [idle{idle: cpu8}] 12 root -72 - 0K 720K WAIT 10 46.8H 52.88% [intr{swi1: netisr 0}] 1896 root -16 - 0K 192K sleep 6 534:44 9.08% [ng_queue{ng_queue2}] 1896 root -16 - 0K 192K CPU6 6 527:53 9.08% [ng_queue{ng_queue1}] 64904 root 26 0 329M 151M select 9 74:06 9.08% /usr/local/sbin/mpd5 -p /var/run/mpd5.pid -b{mpd5} 1896 root -16 - 0K 192K sleep 5 576:22 8.89% [ng_queue{ng_queue9}] 1896 root -16 - 0K 192K sleep 1 555:34 8.89% [ng_queue{ng_queue11}] 1896 root -16 - 0K 192K sleep 8 673:20 8.79% [ng_queue{ng_queue10}] 12 root -92 - 0K 720K WAIT 4 653:19 8.69% [intr{irq261: igb1:que}] 1896 root -16 - 0K 192K sleep 1 531:44 8.69% [ng_queue{ng_queue4}] 1896 root -16 - 0K 192K sleep 0 564:58 8.59% [ng_queue{ng_queue0}] 1896 root -16 - 0K 192K sleep 1 554:19 8.59% [ng_queue{ng_queue8}] 1896 root -16 - 0K 192K sleep 7 578:18 8.50% [ng_queue{ng_queue3}] 12 root -92 - 0K 720K WAIT 0 639:35 8.40% [intr{irq256: igb0:que}] 12 root -92 - 0K 720K WAIT 1 634:15 8.40% [intr{irq257: igb0:que}] 1896 root -16 - 0K 192K sleep 8 550:23 8.40% [ng_queue{ng_queue7}] 1896 root -16 - 0K 192K sleep 3 584:08 8.25% [ng_queue{ng_queue5}] 1905 root 34 0 33996K 9184K select 6 238:33 8.15% /usr/local/sbin/zebra -d 12 root -92 - 0K 720K CPU7 7 678:14 7.96% [intr{irq264: igb1:que}] 12 root -92 - 0K 720K WAIT 6 661:14 7.86% [intr{irq263: igb1:que}] 12 root -92 - 0K 720K WAIT 3 635:40 7.76% [intr{irq259: igb0:que}] 12 root -92 - 0K 720K WAIT 5 688:40 7.57% [intr{irq262: igb1:que}] 12 root -92 - 0K 720K WAIT 2 655:33 7.37% [intr{irq258: igb0:que}] netstat -h 1: input (Total) output packets errsidrops bytes packets errs bytes colls 425k 0 0 285M 480k 0 332M 0 421k 0 0 289M 474k 0 335M 0 409k 0 0 275M 465k 0 324M 0 405k 0 0 271M 456k 0 315M 0 413k 0 0 276M 472k 0 324M 0 421k 0 0 285M 480k 0 335M 0 419k 0 0 285M 479k 0 333M 0 vmstat -z | egrep 'ITEM|NetGraph': ITEM SIZE LIMIT USED FREE REQ FAIL SLEEP NetGraph items: 72, 65540, 478, 2016,24716647593, 0, 0 NetGraph data items: 72, 65540, 5985, 20521,43773840319, 0, 0 systat–v: 1 users Load 4.65 4.56 4.37 Jan 24 15:29 Mem:KB REAL VIRTUAL VN PAGER SWAP PAGER Tot Share Tot Share Free in out in out Act 215108 8380 1077840 10388 3796396 count All 1505032 9268 1074906k 17012 pages Proc: Interrupts r p d s w CswTrp Sys IntSof Flt 4191 cow 86868 total 1 4 30 369k 25k 30k 76k 16k 19k 12573 zfod acpi0 9 ozfod ehci0 23 16.7%Sys 8.3%Intr 8.3%User 0.0%Nice 66.7%Idle %ozfod 889 cpu0:timer | | | | | | | | | | | daefr 4191 igb0:que 0 ========+++++>>>> 8509 prcfr 5207 igb0:que 1 17 dtbuf 39624 totfr 2286 igb0:que 2 Namei Name-cache Dir-cache 173731 desvn react 5080 igb0:que 3 Calls hits % hits % 94818 numvnpdwak igb0:link 35 35 100 43431 frevnpdpgs 4191 igb1:que 0 intrn 3048 igb1:que 1 Disks da0 pass0 1817848 wire 5334 igb1:que 2 KB/t 0.00 0.00 86188 act 3302 igb1:que 3 tps 0 0 304652 inact igb1:link MB/s 0.00 0.00 156 cache 4445 igb2:que 0 %busy 0 0 3796332 free 5461 igb2:que 1 635168 buf 5842 igb2:que 2 5842 igb2:que 3 igb2:link 5334 igb3:que 0 5334 igb3:que 1 5969 igb3:que 2 5334 igb3:que 3 igb3:link em0:rx 0 em1:rx 0 889 cpu1:timer 889 cpu4:timer 889 cpu7:timer 889 cpu8:timer 889 cpu5:timer 889 cpu9:timer 889 cpu11:time 889 cpu2:timer 889 cpu10:time 889 cpu3:timer 889 cpu6:timer Вставить ник Quote
resident_k Posted January 28, 2013 Author Posted January 28, 2013 NAT используете? нет Вставить ник Quote
roysbike Posted January 28, 2013 Posted January 28, 2013 у меня такая проблема была , когда я использовал ipfw nat. Вставить ник Quote
resident_k Posted January 28, 2013 Author Posted January 28, 2013 netflow из мпд льётся? да Вставить ник Quote
Ivan_83 Posted January 28, 2013 Posted January 28, 2013 Поищите по форуму, вроде такая проблема уже всплывала. Помогал перенос сбора netflow в другое место - на др сервер. Вставить ник Quote
resident_k Posted January 28, 2013 Author Posted January 28, 2013 (edited) Поищите по форуму, вроде такая проблема уже всплывала. Помогал перенос сбора netflow в другое место - на др сервер. Прием netflow идет на другом сервере На этом сервере только собираем статистику Edited January 28, 2013 by resident_k Вставить ник Quote
resident_k Posted January 28, 2013 Author Posted January 28, 2013 Отключите и посмотрите. попробуем Вставить ник Quote
resident_k Posted February 4, 2013 Author Posted February 4, 2013 Отключите и посмотрите. попробуем В общем, ситуация такая - отключили netflow и это помогло. Но на другом сервере все работает и при включенном netflow и таких проблем не возникает. На другом сервере версия FreeBSD 8.0 и netflow - 5 версия. Попробовали на проблемном сервере откатить версию netflow до 5-ой не помогло. Может кто-то сталкивался и решил эту проблему? Вставить ник Quote
Hawk128 Posted February 4, 2013 Posted February 4, 2013 МПД создает нетфлоу ноды для каждого линка. Создайте сами одну нетфлоу ноду для всех пользователей и заверните туда нужный трафик через правила ipfw. Есть почти ничего не будет. Вставить ник Quote
resident_k Posted February 4, 2013 Author Posted February 4, 2013 МПД создает нетфлоу ноды для каждого линка. Создайте сами одну нетфлоу ноду для всех пользователей и заверните туда нужный трафик через правила ipfw. Есть почти ничего не будет. не делали таким образом. примерчика нет? Вставить ник Quote
Hawk128 Posted February 4, 2013 Posted February 4, 2013 (edited) Создание ноды: #!/bin/sh case "$1" in start) ngctl -f - << SEQ mkpeer ipfw: netflow 210 iface0 name ipfw:210 netflow connect ipfw: netflow: 220 iface1 msg netflow: setdlt { iface=0 dlt=12 } msg netflow: setdlt { iface=1 dlt=12 } mkpeer netflow: ksocket export inet/dgram/udp name netflow:export ksocket msg ksocket: connect inet/192.168.0.14:9996 SEQ ;; stop) echo "Stopping full netflow." ngctl shutdown ksocket: ngctl shutdown netflow: echo "Ok." ;; esac Правила файера для заворота: ${fw} add 210 ngtee 210 ip from not 'table(20)' to 'table(20)' out ${fw} add 220 ngtee 220 ip from 'table(20)' to not 'table(20)' in Если нужна 9-ка, с этой же ноды есть хук. Edited February 4, 2013 by Hawk128 Вставить ник Quote
boco Posted February 4, 2013 Posted February 4, 2013 а чем не устраивает классическое навешивание ng_netflow на ng_ether (на внешний интерфейс браса)? imho, гораздо проще и не насилует фаервол Вставить ник Quote
Hawk128 Posted February 4, 2013 Posted February 4, 2013 В моем случае не вышло. на брасе еще и НАТ. и белые... Сделал так, не особо и насилуется, гиг вход и полгига выход выливает без заметной нагрузки. + можно четко определить с и на что считать, а что просто пропустить Вставить ник Quote
resident_k Posted February 4, 2013 Author Posted February 4, 2013 (edited) Создание ноды: Правила файера для заворота: ${fw} add 210 ngtee 210 ip from not 'table(20)' to 'table(20)' out ${fw} add 220 ngtee 220 ip from 'table(20)' to not 'table(20)' in попробовал правила IPFW: 01100 allow ip from not table(1) to 195.238.xxx.0/22,194.28.xx.0/22,91.199.xxx.0/24,91.225.xx.0/22,91.203.xxx.0/24 out 01200 skipto 3000 ip from 195.238.xxx.0/22,194.28.xx.0/22,91.199.xxx.0/24,91.225.xx.0/22,91.203.xxx.0/24 to any in Сам файл: # cat ng_netflow22.sh #!/bin/sh /usr/sbin/ngctl -f - << SEQ mkpeer ipfw: netflow 1100 iface0 name ipfw:1100 netflow connect ipfw: netflow: 1200 iface1 msg netflow: setdlt { iface=0 dlt=12 } msg netflow: setdlt { iface=1 dlt=12 } mkpeer netflow: ksocket export inet/dgram/udp name netflow:export ksocket msg ksocket: connect inet/10.24.81.1:5525 SEQ Пробую выполнить: # ./ng_netflow22.sh ngctl: send msg: No such file or directory ngctl: line 1: error in file # не выполняется для справки # kldstat Id Refs Address Size Name 1 48 0xffffffff80200000 9e46e0 kernel 2 1 0xffffffff80be5000 31f10 if_igb.ko 3 1 0xffffffff80c17000 c090 if_lagg.ko 4 1 0xffffffff80e12000 46e5 linprocfs.ko 5 1 0xffffffff80e17000 1ec65 linux.ko 6 1 0xffffffff80e36000 1cc9 ng_socket.ko 7 12 0xffffffff80e38000 9152 netgraph.ko 8 1 0xffffffff80e42000 18a2 ng_mppc.ko 9 1 0xffffffff80e44000 297 rc4.ko 10 1 0xffffffff80e45000 a45 ng_tee.ko 11 1 0xffffffff80e46000 1bc9 ng_pptpgre.ko 12 1 0xffffffff80e48000 215d ng_ksocket.ko 13 1 0xffffffff80e4b000 146d ng_iface.ko 14 1 0xffffffff80e4d000 47a5 ng_ppp.ko 15 1 0xffffffff80e52000 1f72 ng_vjc.ko 16 1 0xffffffff80e54000 41f1 ng_netflow.ko 17 1 0xffffffff80e59000 a69 ng_tcpmss.ko 18 1 0xffffffff80e5a000 1d25 ng_bpf.ko 19 1 0xffffffff80e5c000 1545 ng_car.ko 20 1 0xffffffff80e5e000 5399 tmpfs.ko Edited February 4, 2013 by resident_k Вставить ник Quote
Ivan_83 Posted February 4, 2013 Posted February 4, 2013 Запускаете /usr/sbin/ngctl и вводите построчно, смотрите где вывалится. Загруженные модули - фигня, нетграф ноды сами грузятся по мере необходимости. ngctl list ngctl show для просмотра чего с чем уже есть. Вставить ник Quote
Hawk128 Posted February 5, 2013 Posted February 5, 2013 С нодой построчно, как предложили выше. А вот с правилами то же чего-то не пойму что вы хотите ими получить? Я привел пример в ngtee завернуть, у вас просто разрешающее и перекидывающее... Вставить ник Quote
boco Posted February 5, 2013 Posted February 5, 2013 Загруженные модули - фигня, нетграф ноды сами грузятся по мере необходимости. я столкнулся с необходимостью вручную грузить ng_ether и ng_ipfw. возможно, какие-то еще, но эти два - точно. Вставить ник Quote
resident_k Posted February 5, 2013 Author Posted February 5, 2013 Загруженные модули - фигня, нетграф ноды сами грузятся по мере необходимости. я столкнулся с необходимостью вручную грузить ng_ether и ng_ipfw. возможно, какие-то еще, но эти два - точно. правила не добавлялись без: # kldload ng_ipfw # kldload ng_ether ipfw: 01099 ngtee 1099 ip from not table(20) to table(20) out 01199 ngtee 1199 ip from table(20) to not table(20) in # cat ng_netflow22.sh #!/bin/sh /usr/sbin/ngctl -f- <<-SEQ mkpeer ipfw: netflow 1099 iface0 name ipfw:1100 netflow connect ipfw: netflow: 1199 iface1 msg netflow: setdlt { iface=0 dlt=12 } msg netflow: setdlt { iface=1 dlt=12 } mkpeer netflow: ksocket export inet/dgram/udp name netflow:export ksocket msg ksocket: connect inet/10.24.81.1:5525 SEQ # ./ng_netflow22.sh ngctl: send msg: No such file or directory ngctl: line 2: error in file пробуем вручную: # ngctl Available commands: config get or set configuration of node at <path> connect Connects hook <peerhook> of the node at <relpath> to <hook> debug Get/set debugging verbosity level dot Produce a GraphViz (.dot) of the entire netgraph. help Show command summary or get more help on a specific command list Show information about all nodes mkpeer Create and connect a new node to the node at "path" msg Send a netgraph control message to the node at "path" name Assign name <name> to the node at <path> read Read and execute commands from a file rmhook Disconnect hook "hook" of the node at "path" show Show information about the node at <path> shutdown Shutdown the node at <path> status Get human readable status information from the node at <path> types Show information about all installed node types write Send a data packet down the hook named by "hook". quit Exit program + mkpeer ipfw: netflow 1099 iface0 ngctl: send msg: File exists + # uname -a FreeBSD mpd_27 9.0-RELEASE-p5 FreeBSD 9.0-RELEASE-p5 #0 r240161M: Thu Dec 20 00:19:15 EET 2012 root@mpd_27:/usr/obj/usr/src/sys/MPD_27_20122012 amd64 Вставить ник Quote
boco Posted February 5, 2013 Posted February 5, 2013 "name ipfw:1100 netflow", а ранее вы создаете ipfw:1099 Вставить ник Quote
resident_k Posted February 5, 2013 Author Posted February 5, 2013 "name ipfw:1100 netflow", а ранее вы создаете ipfw:1099 # cat ng_netflow22.sh #!/bin/sh /usr/sbin/ngctl -f- <<-SEQ mkpeer ipfw: netflow 1099 iface0 name ipfw:1099 netflow connect ipfw: netflow: 1199 iface1 msg netflow: setdlt { iface=0 dlt=12 } msg netflow: setdlt { iface=1 dlt=12 } mkpeer netflow: ksocket export inet/dgram/udp name netflow:export ksocket msg ksocket: connect inet/10.24.81.1:5525 SEQ # ./ng_netflow22.sh ngctl: send msg: File exists ngctl: line 1: error in file результат тот же! Вставить ник Quote
Hawk128 Posted February 5, 2013 Posted February 5, 2013 пишет же, что такая нода и/или связь уже есть. Удалите ноды. Вставить ник Quote
resident_k Posted February 5, 2013 Author Posted February 5, 2013 пишет же, что такая нода и/или связь уже есть. Удалите ноды. # /usr/local/etc/scripts/ng_netflow22.sh ngctl: send msg: No such file or directory ngctl: line 1: error in file # ngctl list There are 13 total nodes: Name: <unnamed> Type: mppc ID: 00000049 Num hooks: 1 Name: <unnamed> Type: mppc ID: 00000048 Num hooks: 1 Name: <unnamed> Type: ksocket ID: 00000040 Num hooks: 1 Name: <unnamed> Type: pptpgre ID: 0000003f Num hooks: 2 Name: ng0 Type: iface ID: 00000045 Num hooks: 1 Name: mpd1972-cso Type: socket ID: 00000004 Num hooks: 0 Name: mpd1972-eso Type: socket ID: 00000005 Num hooks: 0 Name: mpd1972-lso Type: socket ID: 00000003 Num hooks: 1 Name: mpd1972-B-1-mss Type: tcpmss ID: 0000004a Num hooks: 2 Name: mpd1972-B-1 Type: ppp ID: 00000046 Num hooks: 5 Name: ngctl2546 Type: socket ID: 0000010d Num hooks: 0 Name: mpd1972-stats Type: socket ID: 00000047 Num hooks: 0 Name: mpd1972-L-1-lt Type: tee ID: 0000003d Num hooks: 2 # ngctl show . Name: ngctl2547 Type: socket ID: 0000011c Num hooks: 0 после запуска мпд: # ngctl list There are 518 total nodes: Name: <unnamed> Type: car ID: 000005ee Num hooks: 2 Name: <unnamed> Type: car ID: 000005ed Num hooks: 2 Name: <unnamed> Type: mppc ID: 000005ea Num hooks: 1 Name: <unnamed> Type: mppc ID: 000005e9 Num hooks: 1 Name: <unnamed> Type: car ID: 000005e6 Num hooks: 2 Name: <unnamed> Type: car ID: 000005e5 Num hooks: 2 Name: <unnamed> Type: car ID: 000005dc Num hooks: 2 Name: <unnamed> Type: car ID: 000005db Num hooks: 2 Name: <unnamed> Type: mppc ID: 000005d8 Num hooks: 1 Name: <unnamed> Type: mppc ID: 000005d7 Num hooks: 1 Name: <unnamed> Type: ksocket ID: 000005d4 Num hooks: 1 Name: <unnamed> Type: pptpgre ID: 000005d3 Num hooks: 2 Name: <unnamed> Type: ksocket ID: 000005d0 Num hooks: 1 Name: <unnamed> Type: pptpgre ID: 000005cf Num hooks: 2 Name: <unnamed> Type: ksocket ID: 000005cb Num hooks: 1 Name: <unnamed> Type: pptpgre ID: 000005ca Num hooks: 2 Name: <unnamed> Type: car ID: 000005be Num hooks: 2 Name: <unnamed> Type: car ID: 000005bd Num hooks: 2 Name: <unnamed> Type: mppc ID: 000005ba Num hooks: 1 Name: <unnamed> Type: mppc ID: 000005b9 Num hooks: 1 Name: <unnamed> Type: ksocket ID: 000005b5 Num hooks: 1 Name: <unnamed> Type: pptpgre ID: 000005b4 Num hooks: 2 Name: <unnamed> Type: car ID: 000005ab Num hooks: 2 Name: <unnamed> Type: car ID: 000005aa Num hooks: 2 Name: <unnamed> Type: ksocket ID: 00000599 Num hooks: 1 Name: <unnamed> Type: pptpgre ID: 00000598 Num hooks: 2 Name: <unnamed> Type: car ID: 00000562 Num hooks: 2 Name: <unnamed> Type: car ID: 00000561 Num hooks: 2 Name: <unnamed> Type: ksocket ID: 00000558 Num hooks: 1 Name: <unnamed> Type: pptpgre ID: 00000557 Num hooks: 2 Name: <unnamed> Type: car ID: 00000554 Num hooks: 2 Name: <unnamed> Type: car ID: 00000553 Num hooks: 2 Name: <unnamed> Type: ksocket ID: 0000054d Num hooks: 1 Name: <unnamed> Type: pptpgre ID: 0000054c Num hooks: 2 Name: <unnamed> Type: car ID: 00000549 Num hooks: 2 Name: <unnamed> Type: car ID: 00000548 Num hooks: 2 Name: <unnamed> Type: mppc ID: 00000545 Num hooks: 1 Name: <unnamed> Type: mppc ID: 00000544 Num hooks: 1 Name: <unnamed> Type: ksocket ID: 00000540 Num hooks: 1 Name: <unnamed> Type: pptpgre ID: 0000053f Num hooks: 2 Name: <unnamed> Type: car ID: 0000053c Num hooks: 2 Name: <unnamed> Type: car ID: 0000053b Num hooks: 2 Name: <unnamed> Type: car ID: 00000532 Num hooks: 2 Name: <unnamed> Type: car ID: 00000531 Num hooks: 2 Name: <unnamed> Type: mppc ID: 0000052e Num hooks: 1 Name: <unnamed> Type: mppc ID: 0000052d Num hooks: 1 Name: <unnamed> Type: ksocket ID: 0000052a Num hooks: 1 Name: <unnamed> Type: pptpgre ID: 00000529 Num hooks: 2 Name: <unnamed> Type: ksocket ID: 00000524 Num hooks: 1 Name: <unnamed> Type: pptpgre ID: 00000523 Num hooks: 2 Name: <unnamed> Type: car ID: 0000051a Num hooks: 2 Name: <unnamed> Type: car ID: 00000519 Num hooks: 2 Name: <unnamed> Type: mppc ID: 00000516 Num hooks: 1 Name: <unnamed> Type: mppc ID: 00000515 Num hooks: 1 Name: <unnamed> Type: car ID: 00000507 Num hooks: 2 Name: <unnamed> Type: car ID: 00000506 Num hooks: 2 Name: <unnamed> Type: mppc ID: 00000503 Num hooks: 1 Name: <unnamed> Type: mppc ID: 00000502 Num hooks: 1 Name: <unnamed> Type: ksocket ID: 000004ff Num hooks: 1 Name: <unnamed> Type: pptpgre ID: 000004fe Num hooks: 2 Name: <unnamed> Type: car ID: 000004f7 Num hooks: 2 Name: <unnamed> Type: car ID: 000004f6 Num hooks: 2 Name: <unnamed> Type: ksocket ID: 000004f1 Num hooks: 1 Name: <unnamed> Type: pptpgre ID: 000004f0 Num hooks: 2 Name: <unnamed> Type: ksocket ID: 000004ec Num hooks: 1 Name: <unnamed> Type: pptpgre ID: 000004eb Num hooks: 2 Name: <unnamed> Type: car ID: 000004e3 Num hooks: 2 Name: <unnamed> Type: car ID: 000004e2 Num hooks: 2 Name: <unnamed> Type: mppc ID: 000004df Num hooks: 1 Name: <unnamed> Type: mppc ID: 000004de Num hooks: 1 Name: <unnamed> Type: ksocket ID: 000004d6 Num hooks: 1 Name: <unnamed> Type: pptpgre ID: 000004d5 Num hooks: 2 Name: <unnamed> Type: car ID: 000004c4 Num hooks: 2 Name: <unnamed> Type: car ID: 000004c3 Num hooks: 2 Name: <unnamed> Type: ksocket ID: 000004bd Num hooks: 1 Name: <unnamed> Type: pptpgre ID: 000004bc Num hooks: 2 Name: <unnamed> Type: car ID: 0000047b Num hooks: 2 Name: <unnamed> Type: car ID: 0000047a Num hooks: 2 Name: <unnamed> Type: ksocket ID: 00000474 Num hooks: 1 Name: <unnamed> Type: pptpgre ID: 00000473 Num hooks: 2 Name: <unnamed> Type: car ID: 0000046f Num hooks: 2 Name: <unnamed> Type: car ID: 0000046e Num hooks: 2 Name: <unnamed> Type: mppc ID: 0000046b Num hooks: 1 Name: <unnamed> Type: mppc ID: 0000046a Num hooks: 1 Name: <unnamed> Type: car ID: 00000463 Num hooks: 2 Name: <unnamed> Type: car ID: 00000462 Num hooks: 2 Name: <unnamed> Type: car ID: 0000045d Num hooks: 2 Name: <unnamed> Type: car ID: 0000045c Num hooks: 2 Name: <unnamed> Type: ksocket ID: 00000453 Num hooks: 1 Name: <unnamed> Type: pptpgre ID: 00000452 Num hooks: 2 Name: <unnamed> Type: car ID: 0000044e Num hooks: 2 Name: <unnamed> Type: car ID: 0000044d Num hooks: 2 Name: <unnamed> Type: ksocket ID: 00000448 Num hooks: 1 Name: <unnamed> Type: pptpgre ID: 00000447 Num hooks: 2 Name: <unnamed> Type: ksocket ID: 00000440 Num hooks: 1 Name: <unnamed> Type: pptpgre ID: 0000043f Num hooks: 2 Name: <unnamed> Type: ksocket ID: 0000043c Num hooks: 1 Name: <unnamed> Type: pptpgre ID.. и т.д. Вставить ник Quote
.png.5d2afa2996cc6a85d0f2c09b92dd0a28.png)
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.