help:FreeBSD4.8+IP Filter: v3.4.32,and error:/kernel: in_cksum: out
of data by 3
chenbo
chenbo at egotop.com
Mon Mar 15 00:47:28 PST 2004
Hi:
I have installed the FreeBSD4.8 and IP Filter3.4.32.
The FreeBSD BOX is used to NAT.
But , i always get the messages "in_cksum: out of data by 3" , And the IP Packets always are droped.
How to resolve the problem?
the message is:
cat /var/log/messages
Mar 8 17:13:49 nat /kernel: in_cksum: out of data by 2
Mar 8 17:14:19 nat last message repeated 4 times
Mar 8 20:10:03 nat /kernel: in_cksum: out of data by 4
Mar 9 11:59:47 nat /kernel: in_cksum: out of data by 2
Mar 9 11:59:48 nat /kernel: in_cksum: out of data by 2
Mar 9 12:40:06 nat /kernel: in_cksum: out of data by 2
Mar 9 13:32:47 nat /kernel: in_cksum: out of data by 2
Mar 9 17:27:48 nat /kernel: in_cksum: out of data by 2
Mar 9 17:28:16 nat last message repeated 3 times
Mar 9 17:37:19 nat /kernel: in_cksum: out of data by 3
Mar 9 18:04:03 nat /kernel: in_cksum: out of data by 1
Mar 9 19:35:19 nat /kernel: in_cksum: out of data by 2
Mar 9 19:35:23 nat last message repeated 2 times
Mar 10 09:27:43 nat /kernel: in_cksum: out of data by 2
Mar 10 15:43:08 nat /kernel: in_cksum: out of data by 3
Mar 10 15:43:09 nat /kernel: in_cksum: out of data by 3
Mar 10 19:22:34 nat /kernel: in_cksum: out of data by 2
Mar 10 19:22:55 nat last message repeated 4 times
Mar 12 19:30:00 nat /kernel: in_cksum: out of data by 3
Mar 12 20:48:29 nat /kernel: in_cksum: out of data by 3
Mar 13 13:56:40 nat /kernel: in_cksum: out of data by 3
Mar 13 15:45:40 nat /kernel: in_cksum: out of data by 1
Mar 13 16:25:45 nat /kernel: in_cksum: out of data by 3
Mar 13 16:25:53 nat /kernel: in_cksum: out of data by 3
Mar 13 18:28:38 nat /kernel: in_cksum: out of data by 2
Mar 13 18:42:54 nat /kernel: in_cksum: out of data by 3
Mar 13 18:42:57 nat last message repeated 2 times
Mar 13 19:04:05 nat /kernel: in_cksum: out of data by 1
Mar 13 19:33:58 nat /kernel: in_cksum: out of data by 3
Mar 13 19:34:16 nat last message repeated 3 times
Mar 15 16:06:10 nat /kernel: in_cksum: out of data by 1
Mar 15 16:06:37 nat last message repeated 4 times
the system information is:
nat# netstat -m
213/432/240000 mbufs in use (current/peak/max):
213 mbufs allocated to data
211/432/60000 mbuf clusters in use (current/peak/max)
972 Kbytes allocated to network (0% of mb_map in use)
0 requests for memory denied
0 requests for memory delayed
0 calls to protocol drain routines
nat# netstat -in
Name Mtu Network Address Ipkts Ierrs Opkts Oerrs Coll
fxp0 1500 <Link#1> xx:xx:xx:xx:xx:xx 3630613020 14 3601258558 0 0
fxp0 1500 xx.xx.xx.xx xx.xx.xx.xx 7201 - 1332493 - -
xl0 1500 <Link#2> xx:xx:xx:xx:xx:xx 4036405001 1 3534131265 0 0
xl0 1500 xx.xx.xx.xx xx.xx.xx.xx 285499286 - 11105 - -
xl0 1500 xx.xx.xx.xx xx.xx.xx.xx 4058 - 0 - -
ppp0* 1500 <Link#3> 0 0 0 0 0
lo0 16384 <Link#4> 28 0 28 0 0
lo0 16384 127 127.0.0.1 0 - 0 - -
nat#
nat# vmstat 1
procs memory page disk faults cpu
r b w avm fre flt re pi po fr sr ad0 in sy cs us sy id
0 0 0 27516 790040 1 0 0 0 1 0 0 746 14 6 0 17 83
0 0 0 27516 790036 5 0 0 0 0 0 0 19842 23 8 0 40 60
0 0 0 27516 790036 3 0 0 0 0 0 0 19614 23 8 0 46 54
0 0 0 27516 790036 3 0 0 0 0 0 3 20335 23 8 0 37 63
0 0 0 27516 790036 3 0 0 0 0 0 0 20996 23 8 0 49 51
0 0 0 27516 790036 3 0 0 0 0 0 1 19973 23 9 0 45 55
0 0 0 27516 790036 3 0 0 0 0 0 0 20990 23 8 0 42 58
0 0 0 27516 790036 3 0 0 0 0 0 0 20368 27 9 0 43 57
^C
nat# cat /boot/loader.conf
userconfig_script_load="YES"
hw.ata.wc="1"
kern.ipc.nmbclusters="60000"
nat# cat /etc/sysctl.conf
vfs.vmiodirenable=1
kern.ipc.maxsockbuf=2097152
kern.ipc.somaxconn=8192
kern.ipc.maxsockets=16424
kern.maxfiles=65536
kern.maxfilesperproc=32768
net.inet.tcp.rfc1323=1
net.inet.tcp.delayed_ack=0
net.inet.tcp.sendspace=65535
net.inet.tcp.recvspace=65535
net.inet.udp.recvspace=65535
net.inet.udp.maxdgram=57344
net.local.stream.recvspace=65535
net.local.stream.sendspace=65535
net.inet.ipf.fr_tcpidletimeout=7200
net.inet.ipf.fr_tcpclosewait=120
net.inet.ipf.fr_tcplastack=120
net.inet.ipf.fr_tcptimeout=240
net.inet.ipf.fr_tcpclosed=60
net.inet.ipf.fr_tcphalfclosed=300
net.inet.ipf.fr_udptimeout=90
net.inet.ipf.fr_icmptimeout=35
net.link.ether.inet.log_arp_wrong_iface=0
net.inet.icmp.drop_redirect=1
net.inet.icmp.icmplim_output=0
net.inet.tcp.blackhole=2
net.inet.udp.blackhole=1
net.inet.icmp.icmplim=300
nat# ipnat -l |wc
31572 279674 2310903
Dec 31 19:40:59 nat /kernel: Copyright (c) 1992-2003 The FreeBSD Project.
Dec 31 19:40:59 nat /kernel: Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
Dec 31 19:40:59 nat /kernel: The Regents of the University of California. All rights reserved.
Dec 31 19:40:59 nat /kernel: FreeBSD 4.8-RELEASE #1: Fri Sep 12 09:04:24 CST 2003
Dec 31 19:40:59 nat /kernel: Timecounter "i8254" frequency 1193182 Hz
Dec 31 19:40:59 nat /kernel: Timecounter "TSC" frequency 2398856292 Hz
Dec 31 19:40:59 nat /kernel: CPU: Intel(R) Pentium(R) 4 CPU 2.40GHz (2398.86-MHz 686-class CPU)
Dec 31 19:40:59 nat /kernel: Origin = "GenuineIntel" Id = 0xf29 Stepping = 9
Dec 31 19:40:59 nat /kernel: Features=0xbfebfbff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CLFLUSH,DTS
,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE>
Dec 31 19:40:59 nat /kernel: real memory = 1065353216 (1040384K bytes)
Dec 31 19:40:59 nat /kernel: avail memory = 1033474048 (1009252K bytes)
Dec 31 19:40:59 nat /kernel: Preloaded elf kernel "kernel" at 0xc02f0000.
Dec 31 19:40:59 nat /kernel: Pentium Pro MTRR support enabled
Dec 31 19:40:59 nat /kernel: IP Filter: v3.4.32 initialized. Default = pass all, Logging = enabled
More information about the freebsd-net
mailing list