Page 2 of 2
Re: Kernel panic :(
Posted: 18 Apr 2016, 11:57
by dimka88
try to use unit-cache=3000
Re: Kernel panic :(
Posted: 18 Apr 2016, 12:33
by hugleo
Already is setted with a non zero value
unit-cache=1
Re: Kernel panic :(
Posted: 18 Apr 2016, 12:39
by nik247
hugleo wrote:Already is setted with a non zero value
unit-cache=1
unit-cache - Specifies
number of interfaces to keep in cache.
try 1000, 2000, 3000 depend from active users...
Re: Kernel panic :(
Posted: 18 Apr 2016, 12:43
by hugleo
Thanks!
I was reading the following description:
viewtopic.php?f=4&t=13
" Thus (if unit-cache option is not zero) do not close unit file descriptor immediatly, but put it into unit cache."
Re: Kernel panic :(
Posted: 18 Apr 2016, 21:56
by hugleo
Now I not got the panic but accel-ppp service restarted.
I just have the systemd logs:
Apr 18 16:17:01 ths-yy-yy-yy-yy CRON[22157]: pam_unix(cron:session): session closed for user root
Apr 18 16:59:43 ths-yy-yy-yy-yy ovpn-server[1282]: hh.hh.hh.hh:57789 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network
Apr 18 16:59:43 ths-yy-yy-yy-yy ovpn-server[1282]: hh.hh.hh.hh:57789 TLS Error: TLS handshake failed
Apr 18 17:00:58 ths-yy-yy-yy-yy ovpn-server[1282]: hh.hh.hh.hh:57789 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network
Apr 18 17:00:58 ths-yy-yy-yy-yy ovpn-server[1282]: hh.hh.hh.hh:57789 TLS Error: TLS handshake failed
Apr 18 17:02:02 ths-yy-yy-yy-yy systemd[1]: accel-ppp.service: main process exited, code=exited, status=255/n/a
Apr 18 17:02:02 ths-yy-yy-yy-yy systemd[1]: Unit accel-ppp.service entered failed state.
Apr 18 17:02:11 ths-yy-yy-yy-yy ovpn-server[1282]: hh.hh.hh.hh:57789 [UNDEF] Inactivity timeout (--ping-restart), restarting
Apr 18 17:17:01 ths-yy-yy-yy-yy CRON[6061]: pam_unix(cron:session): session opened for user root by (uid=0)
Maybe is a strange coincidence the accel-ppp crash in the same time that the openvpn service
Re: Kernel panic :(
Posted: 19 Apr 2016, 02:38
by hugleo
accel-ppp upgraded, kernel upgraded, unit-cache=3000
And one more panic
I've removed the iptables line:
iptables -t mangle -D FORWARD -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
Testing...
Re: Kernel panic :(
Posted: 21 Apr 2016, 12:09
by hugleo
And no more panic
Was the line or openvpn. Since I removed the openvpn from server too maybe I'm willing to try the line again (or a little variation of the line like --set-mss 1440).
Re: Kernel panic :(
Posted: 16 Jul 2016, 16:35
by hugleo
I've tried again and put the lines:
iptables -I FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -m tcpmss --mss 1400:1536 -j TCPMSS --clamp-mss-to-pmtu
I configure it in two different servers.
After few hours got kernel panic on both
MSS Clamping lines are good for pppoe. We got some xbox consoles or mobile devices that can't load youtube images by example.
Currently accel-ppp version is 1.10.2. I'll try again with accel version 1.11.0
Re: Kernel panic :(
Posted: 18 Jul 2016, 12:17
by hugleo
I think I managed to solve the problem with the lines:
iptables -t mangle -A FORWARD -o ppp+ -p tcp -m tcp --tcp-flags SYN,RST SYN -m tcpmss --mss 1453:65535 -j TCPMSS --set-mss 1452
iptables -t mangle -A FORWARD -i ppp+ -p tcp -m tcp --tcp-flags SYN,RST SYN -m tcpmss --mss 1373:65535 -j TCPMSS --set-mss 1372
Re: Kernel panic :(
Posted: 09 May 2017, 09:03
by Игорь