xfrm4_gc_thresh should default to INT_MAX
Bug #1549332 reported by
Dan Streetman
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
linux (Ubuntu) |
Fix Released
|
Medium
|
Dan Streetman |
Bug Description
The default xfrm4_gc_thresh (and xfrm6_gc_thresh) value is currently 32k, but in systems with > 16 cpus, this will (eventually) cause failures when ipsec uses too many dst objects. As xfrm doesn't actually manage its dst objects, the flowcache does, this parameter doesn't actually control xfrm dst gc, it only causes failures when exceeded. Thus is should simply be set to INT_MAX.
Upstream commit that fixes this is c386578f1cdb4da
Changed in linux (Ubuntu): | |
assignee: | nobody → Dan Streetman (ddstreet) |
tags: | added: sts |
Changed in linux (Ubuntu): | |
status: | Incomplete → In Progress |
Changed in linux (Ubuntu): | |
importance: | Undecided → Medium |
tags: | added: cherry-pick |
To post a comment you must log in.
This bug is missing log files that will aid in diagnosing the problem. From a terminal window please run:
apport-collect 1549332
and then change the status of the bug to 'Confirmed'.
If, due to the nature of the issue you have encountered, you are unable to run this command, please add a comment stating that fact and change the bug status to 'Confirmed'.
This change has been made by an automated script, maintained by the Ubuntu Kernel Team.