Denys Fedoryshchenko a écrit :
Already patched and tested, it doesn't change anything.
We still leak dsts somewhere.
You could try git bisect, or try to patch net/core/dst.c so that
dst_gc_task() (line 83) displays
route informations for say 10 first entries found in the dst_busy_list
(refcnt, interface, source IP, dest IP, things like that) that could
ring a bell given your netfilter rules or network conf.
Maybe you are a litle bit too fast for "ip route flush cache" :)
It used to work like that : schedule a timer to start a flush in
about 2 seconds. A flush meaning : scan the whole table and delete
all entries.
On machines with 4 millions dst entries, this was using too much
time and eventually crashing.
On recent kernels, each rtable entry has a special field named
rt_genid, so that "ip route flush cache" doesnt have to scan the
whole table, but only change the global genid. rtables entries will
be deleted later, when their rt_genid is found to be different than
the global genid.
Please try the patch that was suggested yesterday, as it is probably
the cure your router needs.
http://git2.kernel.org/?p=linux/kernel/git/davem/net-
2.6.git;a=commitdiff;h=7c0ecc4c4f8fd90988aab8a95297b9c0038b6160
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
