|
||||||||
I few weeks ago I started noticing "All mbuf clusters exhausted, please see tuning(7)" messages from my generic-pc v1.231 M0n0wall. I found: http://m0n0.ch/wall/list/showmsg.php?id=41/20 http://m0n0.ch/wall/list/showmsg.php?id=41/67 http://doc.m0n0.ch/handbook/faq-high-performance-tweaks.html http://www.google.com/search?q=nmbclusters+site:m0n0.ch The CD solution in "id=41/67" doesn't quite apply since I'm using the PC image, not the CD. I have not noticed any actual problems with the FW, but the message doesn't make me happy. I don't have any worms on the LAN but do have some P2P which I suspect is the culprit. After quite a lot of poking around this and trying some blind alleys [1] I came up with the following solution. NOTE: this will need to be re-applied at every image upgrade (unless the default goes up or the GUI allows you to change this)! I added a note about that to my config file too. Adapted from http://m0n0.ch/wall/list/showmsg.php?id=174/51 and http://m0n0.ch/wall/list/showmsg.php?id=174/45. Do the following four steps in exec.php. The third one is for verification only. (Four lines only, watch out if your mail client wraps a line.) line exec.php command ---- ---------------- 1 mount -u -o rw /cf 2 echo -e "set kern.ipc.nmbclusters=4800\n`cat /cf/boot/loader.rc`" > /cf/boot/loader.rc 3 cat /cf/boot/loader.rc 4 mount -u -o ro /cf ORIGINAL file: $ cat /cf/boot/loader.rc set hw.ata.atapi_dma="0" set hw.ata.ata_dma="0" load /kernel load -t mfs_root /mfsroot boot NEW file: $ cat /cf/boot/loader.rc set kern.ipc.nmbclusters=4800 set hw.ata.atapi_dma="0" set hw.ata.ata_dma="0" load /kernel load -t mfs_root /mfsroot boot BEFORE: $ sysctl kern.ipc.nmbclusters kern.ipc.nmbclusters: 1408 $ netstat -m 1271/1936/5632 mbufs in use (current/peak/max): 1266 mbufs allocated to data 5 mbufs allocated to packet headers 1259/1408/1408 mbuf clusters in use (current/peak/max) 3300 Kbytes allocated to network (78% of mb_map in use) 49879 requests for memory denied 0 requests for memory delayed 0 calls to protocol drain routines AFTER [required a reboot]: $ sysctl kern.ipc.nmbclusters kern.ipc.nmbclusters: 4800 $ netstat -m 1359/1408/19200 mbufs in use (current/peak/max): 1354 mbufs allocated to data 5 mbufs allocated to packet headers 1337/1370/4800 mbuf clusters in use (current/peak/max) 3092 Kbytes allocated to network (21% of mb_map in use) 0 requests for memory denied 0 requests for memory delayed 0 calls to protocol drain routines I'm quite pleased with my solution for prepending the necessary line to the /cf/boot/loader.rc file, even if I do say so myself. Good thing it didn't need to be in the middle. :-) Hope this is useful, JP [1] If this had worked I'd have added it to a <shellcmd> in the config file (http://m0n0.ch/wall/list/showmsg.php?id=135/62); exec.php: $ sysctl -w kern.ipc.nmbclusters=4800 sysctl: oid 'kern.ipc.nmbclusters' is read only ----------------------------|:::======|------------------------------- JP Vossen, CISSP |:::======| jp{at}jpsdomain{dot}org My Account, My Opinions |=========| http://www.jpsdomain.org/ ----------------------------|=========|------------------------------- Microsoft has single-handedly nullified Moore's Law. Innate design flaws of Windows make a personal firewall, anti-virus and anti-malware software mandatory. The resulting software arms race has effectively flattened Moore's Law on hardware running Windows. |