On Tue, May 04, 2004 at 01:05:55PM +0200, Thomas Spatzier wrote: > Hi all, > > I'm experiencing a major memory leak if I run a router with IP connection > tracking enabled and packets larger than MTU size. How do you observe such a memory leak? What exact values are you looking at? > If I do a 'ping -f -s 64000 <Host B>' from host A via the router, the > router is losing more then 10 MB of memory per second. > Without connection tracking everything works fine. > > My only glue so far is that the skbuff_head_cache is growing. Connection > tracking has a hook in the IP stack, where it gets hold of packets. If these > packets are fragmented (due to the packet size being larger than MTU size) > they are reassembled by ip_conntrack. So I guess the memory leak might > be somewhere in there. Did you enable support for bridging? There was a bug in the bridging (bridging firewall) code which made it 'forget' to drop the reference count (and thus introduced a memory leak). > Regards, > Thomas. -- - Harald Welte <laforge@netfilter.org> http://www.netfilter.org/ ============================================================================ "Fragmentation is like classful addressing -- an interesting early architectural error that shows how much experimentation was going on while IP was being designed." -- Paul Vixie
Attachment:
signature.asc
Description: Digital signature
