Bug 592192

Summary: kernel panic occurs in bridge mode ..we are using squid as intercept-tproxy
Product: [Fedora] Fedora Reporter: senthil kumar <senthilkumaar2021>
Component: kernelAssignee: Kernel Maintainer List <kernel-maint>
Status: CLOSED CANTFIX QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: urgent Docs Contact:
Priority: low    
Version: 8CC: anton, dcantrell, dougsland, gansalmon, itamar, jonathan, kernel-maint, vedran
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2010-05-24 19:40:26 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description senthil kumar 2010-05-14 08:12:19 UTC
Description of problem:
The system has running squid which was used in bridge mode and kernel panic error occurs once in 10-15 hours we are using kernel 2.6.30.5 and the traffic is about 100 Mbps and req/sec to squid is 400

 [<c039e860>] br_nf_pre_routing_finish+0x0/0x2d0
 [<c039e860>] br_nf_pre_routing_finish+0x0/0x2d0
 [<c032349a>] nf_iterate+0x7a/0xb0
 [<c039e860>] br_nf_pre_routing_finish+0x0/0x2d0
 [<c039e860>] br_nf_pre_routing_finish+0x0/0x2d0
 [<c0323898>] nf_hook_slow+0xf8/0x130
 [<c039e860>] br_nf_pre_routing_finish+0x0/0x2d0
 [<c039e860>] br_nf_pre_routing_finish+0x0/0x2d0
 [<c039f088>] br_nf_pre_routing+0x248/0x420
 [<c039e860>] br_nf_pre_routing_finish+0x0/0x2d0
 [<c039a550>] br_handle_frame_finish+0x0/0x120
 [<c032349a>] nf_iterate+0x7a/0xb0
 [<c039a550>] br_handle_frame_finish+0x0/0x120
 [<c039a550>] br_handle_frame_finish+0x0/0x120
 [<c0323822>] nf_hook_slow+0x82/0x130
 [<c039a550>] br_handle_frame_finish+0x0/0x120
 [<c039a763>] br_handle_frame+0xf3/0x1e0
 [<c039a550>] br_handle_frame_finish+0x0/0x120
 [<c031830d>] netif_receive_skb+0xfd/0x250
 [<c03184df>] process_backlog+0x7f/0x100
 [<c03185d4>] net_rx_action+0x74/0x100
 [<c011d256>] __do_softirq+0x76/0x90
 [<c011d296>] do_softirq+0x26/0x30
 [<c011d365>] irq_exit+0x35/0x40
 [<c0104328>] do_IRQ+0x28/0x40
 [<c010289e>] common_interrupt+0x1a/0x20
Code: 90 00 00 00 83 48 0c 01 eb 8d 
Version-Release number of selected component (if applicable):

we are using fedora 8

How reproducible:
squid running with bridge mode in high traffic

Comment 1 senthil kumar 2010-05-14 08:16:28 UTC
We are using squid in intercept tproxy 


iptable and ebtable used are as follows

ptable and ebtables are

iptables -t mangle -N DIVERT
iptables -t mangle -A DIVERT -j MARK --set-mark 1
iptables -t mangle -A DIVERT -j ACCEPT

iptables -t mangle -A PREROUTING -p tcp -m socket -j DIVERT
iptables -t mangle -A PREROUTING -p tcp --dport 80 -j TPROXY --tproxy-mark 0x1/0x1 --on-port 3129

ebtables -t broute -A BROUTING -i $CLIENT_IFACE -p ipv4 --ip-proto tcp --ip-dport 80 -j redirect --redirect-target DROP

ebtables -t broute -A BROUTING -i $INET_IFACE -p ipv4 --ip-proto tcp --ip-sport 80 -j redirect --redirect-target DROP

Comment 2 Vedran Miletić 2010-05-24 19:40:26 UTC
Reporter, Fedora 8 is no longer supported. If you can reproduce the issue in newer version, we would be glad to look at it.

---

Fedora Bugzappers volunteer triage team
https://fedoraproject.org/wiki/BugZappers