Kernel panic :(
Re: Kernel panic :(
try to use unit-cache=3000
Re: Kernel panic :(
Already is setted with a non zero value
unit-cache=1
unit-cache=1
Re: Kernel panic :(
unit-cache - Specifies number of interfaces to keep in cache.hugleo wrote:Already is setted with a non zero value
unit-cache=1
try 1000, 2000, 3000 depend from active users...
Re: Kernel panic :(
Thanks!
I was reading the following description:
viewtopic.php?f=4&t=13
" Thus (if unit-cache option is not zero) do not close unit file descriptor immediatly, but put it into unit cache."
I was reading the following description:
viewtopic.php?f=4&t=13
" Thus (if unit-cache option is not zero) do not close unit file descriptor immediatly, but put it into unit cache."
Re: Kernel panic :(
Now I not got the panic but accel-ppp service restarted.
I just have the systemd logs:
Apr 18 16:17:01 ths-yy-yy-yy-yy CRON[22157]: pam_unix(cron:session): session closed for user root
Apr 18 16:59:43 ths-yy-yy-yy-yy ovpn-server[1282]: hh.hh.hh.hh:57789 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network
Apr 18 16:59:43 ths-yy-yy-yy-yy ovpn-server[1282]: hh.hh.hh.hh:57789 TLS Error: TLS handshake failed
Apr 18 17:00:58 ths-yy-yy-yy-yy ovpn-server[1282]: hh.hh.hh.hh:57789 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network
Apr 18 17:00:58 ths-yy-yy-yy-yy ovpn-server[1282]: hh.hh.hh.hh:57789 TLS Error: TLS handshake failed
Apr 18 17:02:02 ths-yy-yy-yy-yy systemd[1]: accel-ppp.service: main process exited, code=exited, status=255/n/a
Apr 18 17:02:02 ths-yy-yy-yy-yy systemd[1]: Unit accel-ppp.service entered failed state.
Apr 18 17:02:11 ths-yy-yy-yy-yy ovpn-server[1282]: hh.hh.hh.hh:57789 [UNDEF] Inactivity timeout (--ping-restart), restarting
Apr 18 17:17:01 ths-yy-yy-yy-yy CRON[6061]: pam_unix(cron:session): session opened for user root by (uid=0)
Maybe is a strange coincidence the accel-ppp crash in the same time that the openvpn service
I just have the systemd logs:
Apr 18 16:17:01 ths-yy-yy-yy-yy CRON[22157]: pam_unix(cron:session): session closed for user root
Apr 18 16:59:43 ths-yy-yy-yy-yy ovpn-server[1282]: hh.hh.hh.hh:57789 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network
Apr 18 16:59:43 ths-yy-yy-yy-yy ovpn-server[1282]: hh.hh.hh.hh:57789 TLS Error: TLS handshake failed
Apr 18 17:00:58 ths-yy-yy-yy-yy ovpn-server[1282]: hh.hh.hh.hh:57789 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network
Apr 18 17:00:58 ths-yy-yy-yy-yy ovpn-server[1282]: hh.hh.hh.hh:57789 TLS Error: TLS handshake failed
Apr 18 17:02:02 ths-yy-yy-yy-yy systemd[1]: accel-ppp.service: main process exited, code=exited, status=255/n/a
Apr 18 17:02:02 ths-yy-yy-yy-yy systemd[1]: Unit accel-ppp.service entered failed state.
Apr 18 17:02:11 ths-yy-yy-yy-yy ovpn-server[1282]: hh.hh.hh.hh:57789 [UNDEF] Inactivity timeout (--ping-restart), restarting
Apr 18 17:17:01 ths-yy-yy-yy-yy CRON[6061]: pam_unix(cron:session): session opened for user root by (uid=0)
Maybe is a strange coincidence the accel-ppp crash in the same time that the openvpn service
Re: Kernel panic :(
accel-ppp upgraded, kernel upgraded, unit-cache=3000
And one more panic
I've removed the iptables line:
iptables -t mangle -D FORWARD -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
Testing...
And one more panic
I've removed the iptables line:
iptables -t mangle -D FORWARD -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
Testing...
Re: Kernel panic :(
And no more panic
Was the line or openvpn. Since I removed the openvpn from server too maybe I'm willing to try the line again (or a little variation of the line like --set-mss 1440).
Was the line or openvpn. Since I removed the openvpn from server too maybe I'm willing to try the line again (or a little variation of the line like --set-mss 1440).
Re: Kernel panic :(
I've tried again and put the lines:
iptables -I FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -m tcpmss --mss 1400:1536 -j TCPMSS --clamp-mss-to-pmtu
I configure it in two different servers.
After few hours got kernel panic on both
MSS Clamping lines are good for pppoe. We got some xbox consoles or mobile devices that can't load youtube images by example.
Currently accel-ppp version is 1.10.2. I'll try again with accel version 1.11.0
iptables -I FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -m tcpmss --mss 1400:1536 -j TCPMSS --clamp-mss-to-pmtu
I configure it in two different servers.
After few hours got kernel panic on both
MSS Clamping lines are good for pppoe. We got some xbox consoles or mobile devices that can't load youtube images by example.
Currently accel-ppp version is 1.10.2. I'll try again with accel version 1.11.0
Re: Kernel panic :(
I think I managed to solve the problem with the lines:
iptables -t mangle -A FORWARD -o ppp+ -p tcp -m tcp --tcp-flags SYN,RST SYN -m tcpmss --mss 1453:65535 -j TCPMSS --set-mss 1452
iptables -t mangle -A FORWARD -i ppp+ -p tcp -m tcp --tcp-flags SYN,RST SYN -m tcpmss --mss 1373:65535 -j TCPMSS --set-mss 1372
iptables -t mangle -A FORWARD -o ppp+ -p tcp -m tcp --tcp-flags SYN,RST SYN -m tcpmss --mss 1453:65535 -j TCPMSS --set-mss 1452
iptables -t mangle -A FORWARD -i ppp+ -p tcp -m tcp --tcp-flags SYN,RST SYN -m tcpmss --mss 1373:65535 -j TCPMSS --set-mss 1372