memory leak with vlan tagged traffic in switch mode

Florian Schoedel Florian.Schoedel at meteringservice.de
Sun Jun 15 16:55:32 CEST 2014 

Hi Guus, 

thanks for your reply. How many bytes should be allocated for each mac 
entry? 
I still think there must be a general error in this setup because tinc uses 
at the end 99% of 1 GB assigned memory for this virtual machine. (vsphere / 
ESXi 4.1)
Finally, when the host is running out of memory space, tincd is terminated 
during a  vasprintf(..) call. 

How can I collect or dump helpful information. 

The information I see in debug=5 mode are looking fine?!

Sending ADD_SUBNET to CLIENTHOST (CLIENTIP port 37239): 10 6a6b2977 
SERVERHOST 8:96:d7:61:9e:58#10
Sending 46 bytes of metadata to CLIENTHOST (CLIENTIP port 37239)
Broadcasting packet of 64 bytes from SERVERHOST (MYSELF)
Sending packet of 64 bytes to CLIENTHOST (CLIENTIP port 655)
Flushing 46 bytes to CLIENTHOST (CLIENTIP port 37239)
Read packet of 64 bytes from Linux tun/tap device (tap mode)
Learned new MAC address 8:96:d7:4a:a1:c8
Sending ADD_SUBNET to CLIENTHOST (CLIENTIP port 37239): 10 50a18407 
SERVERHOST 8:96:d7:4a:a1:c8#10
Sending 46 bytes of metadata to CLIENTHOST (CLIENTIP port 37239)
Broadcasting packet of 64 bytes from SERVERHOST (MYSELF)
Sending packet of 64 bytes to CLIENTHOST (CLIENTIP port 655)
Flushing 46 bytes to CLIENTHOST (CLIENTIP port 37239)
Read packet of 64 bytes from Linux tun/tap device (tap mode)
Learned new MAC address c0:25:6:bd:d0:c4
Sending ADD_SUBNET to CLIENTHOST (CLIENTIP port 37239): 10 2bafcbfa 
SERVERHOST c0:25:6:bd:d0:c4#10
Sending 46 bytes of metadata to CLIENTHOST (CLIENTIP port 37239)
Broadcasting packet of 64 bytes from SERVERHOST (MYSELF)
Sending packet of 64 bytes to CLIENTHOST (CLIENTIP port 655)
Flushing 46 bytes to CLIENTHOST (CLIENTIP port 37239)
Read packet of 64 bytes from Linux tun/tap device (tap mode)
Learned new MAC address 8:96:d7:53:e8:53
Sending ADD_SUBNET to CLIENTHOST (CLIENTIP port 37239): 10 3c810297 
SERVERHOST 8:96:d7:53:e8:53#10

Does tincd distinquish between different vlans when the same mac address is 
seen?

thanks a lot


Florian
-----Original Message-----
From: Guus Sliepen <guus at tinc-vpn.org>
To: tinc at tinc-vpn.org
Date: Sun, 15 Jun 2014 12:44:00 +0200
Subject: Re: memory leak with vlan tagged traffic in switch mode

On Thu, Jun 12, 2014 at 06:52:15AM +0200, Florian Schoedel wrote:

> I am trying to connect two segments with about 4 x 1000 mac addresses
> (distributed on different vlans). I am always running out of memory on one
> side. This happens only on the side where the arp requests come from.
> Currently there is no unicast traffic between the sides; only broadcasted
> arp requests.
> It looks like tincd reserves memory with each arp request which isn't 
freed
> afterwards or
> tincd builds internal structures for the arp cache, based on the wrong
> information from the ethernet header, when I transport 8021q tagged 
traffic.

Tinc reserves memory for each MAC address it sees. Unfortunately, it's
not too space efficient with those, so if all 4000 MAC addresses are
being seen by tinc, that can easily cause tinc to allocate 1 megabyte of
memory. How much memory do you have and how much do you see tinc use in
your setup?

> If I change my config from switch to hub mode, everything works fine.
> Are there any drawbacks If I use hub mode when there are only two 
connected
> sites?

If it's only two sites, there is no drawback to using hub mode.

--
Met vriendelijke groet / with kind regards,
     Guus Sliepen <guus at tinc-vpn.org>

Thüga MeteringService GmbH, Sitz: Naila, eingetragen beim Amtsgericht in Hof, HRB: 4125
Geschäftsführer: Peter Hornfischer
StNr.: 223/140/10756, geführt beim Finanzamt Hof, USt-ID-Nr.: DE 246359579
Bankverbindung: BayernLB München, BLZ 700 500 00, Konto-Nr. 4113816
Geschäftsadresse Thüga MeteringService GmbH, Zum Kugelfang 2, 95119 Naila


Haftungsausschluss: Diese Nachricht erhält vertrauliche Informationen, welche nur für den Empfänger bestimmt sind. Falls Sie diese Nachricht irrtümlicherweise erhalten haben, 
benachrichtigen Sie uns bitte sofort und vernichten Sie sämtliche Kopien (digital/Papier). Danke.
Disclaimer: The information contained in this message is confidential and may only be used by the intended recipient. If you received it in error, 
please notify us immediately and destroy any copies (digital and paper). Thank you.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20140615/4287c84e/attachment-0001.html>

More information about the tinc mailing list