Subject: IPFilter 3.3 on NetBSD 4.1 --- NMBCLUSTERS overflow, what is a sensible setting?
To: None <ipfilter@coombs.anu.edu.au>
From: Aaron Roydhouse <aaron@toolbox.co.nz>
List: tech-kern
Date: 08/28/1999 23:43:57
Hi, I'm having difficulty with NMBCLUSTERS overflowing on a NetBSD system
with IPFilter.

We're using IPFilter 3.3 on NetBSD 4.1 running on an Intel PIII with an
on-motherboard Intel EtherExpress and four 3Com 905B-TXNM cards. This is
out-of-the-box NetBSD 4.1 plus the recognition patch for the NM hardware
revision of the 3Com 905B-TX.

The default kernel config for NMBCLUSTERS is 256, or if GATEWAY is enabled
512. Using IPFilter 3.3 on four network interfaces with a fairly hefty
rule-set and NMBCLUSTERS=512, NMBCLUSTERS quickly overflowed (indicated by
console messages, networking pauses, and sometimes complete networking
failure).

Looking at other kernel configurations the largest setting for NMBCLUSTERS,
used by an FTP server, was NMBCLUSTERS=2048. So I increased our NMBCLUSTERS
to 2048. After a couple of days this value was overflowed too, resulting in
all four network interfaces ceasing to operate (but no panic or other
noticeable effects).

The actual overflow was coincident with a lot of FTP activity---So I'm not
clear whether it is time or an activity level that causes the overflow.

So I have lots of questions...

*** Anyone having similar experiences?

*** What values for NMBCLUSTERS are other NetBSD/*BSD users using?

*** Does using IPFilter increase the use of NMBCLUSTERS on NetBSD?

*** Is it reasonable that IPFilter might need NMBCLUSTERS > 2048  ?

*** How can I find out how many NMBCLUSTERS are in use at any given time?

*** Could this be an NMBCLUSTERS leak? Or do I just need a bigger setting?

I still have the machine running, untouched since the networking failed
after the NMBCLUSTERS overflow. So if there is any extra info I can supply,
just tell me.

Aaron.